urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-li...
Submission: On November 10 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 115 IPs in 13 countries across 102 domains to perform 585 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 99821.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 74.125.24.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
16 104.26.3.91 13335 (CLOUDFLAR...)
36 74.125.24.156 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
3 64.120.88.131 133752 (LEASEWEB-...)
20 13.33.33.27 16509 (AMAZON-02)
13 74.125.68.155 15169 (GOOGLE)
2 142.251.12.97 15169 (GOOGLE)
3 216.239.38.178 15169 (GOOGLE)
2 34.95.67.231 396982 (GOOGLE-CL...)
16 203.75.214.136 3462 (HINET Dat...)
2 4 35.201.76.93 15169 (GOOGLE)
6 74.125.24.154 15169 (GOOGLE)
1 74.125.200.94 15169 (GOOGLE)
2 18.155.68.87 16509 (AMAZON-02)
6 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
11 142.250.4.154 15169 (GOOGLE)
3 142.251.12.156 15169 (GOOGLE)
2 52.196.174.187 16509 (AMAZON-02)
11 182.161.73.129 55569 (CRITEO-AS...)
2 34.117.219.39 ()
2 103.132.192.30 138552 (RTBHOUSE-...)
4 210.59.219.181 3462 (HINET Dat...)
8 16 34.96.119.68 396982 (GOOGLE-CL...)
8 8 139.162.40.113 63949 (LINODE-AP...)
34 172.217.194.132 15169 (GOOGLE)
2 4 103.229.10.171 16509 (AMAZON-02)
1 104.16.87.20 13335 (CLOUDFLAR...)
1 35.213.117.18 15169 (GOOGLE)
5 21 51.79.234.101 16276 (OVH)
9 182.161.73.145 55569 (CRITEO-AS...)
11 54.75.88.22 16509 (AMAZON-02)
1 104.71.49.155 16625 (AKAMAI-AS)
1 54.255.147.224 16509 (AMAZON-02)
3 9 104.18.19.126 13335 (CLOUDFLAR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
9 14 68.67.160.114 29990 (ASN-APPNEX)
3 54.150.245.94 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 44.239.168.124 16509 (AMAZON-02)
2 3 145.40.89.200 54825 (PACKET)
8 34.98.64.218 396982 (GOOGLE-CL...)
1 8 74.125.24.103 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
1 13.33.33.127 16509 (AMAZON-02)
2 142.251.12.157 15169 (GOOGLE)
3 20.212.157.225 8075 (MICROSOFT...)
5 172.217.194.155 15169 (GOOGLE)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
2 172.253.118.95 15169 (GOOGLE)
1 74.125.68.94 15169 (GOOGLE)
17 53 142.251.10.155 15169 (GOOGLE)
4 16 139.5.84.243 27381 (CASALE-MEDIA)
3 13.237.117.95 16509 (AMAZON-02)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
1 1 54.84.84.112 14618 (AMAZON-AES)
5 8 13.229.186.111 16509 (AMAZON-02)
5 6 35.213.12.39 15169 (GOOGLE)
8 13 69.173.158.64 26667 (RUBICONPR...)
8 8 103.229.206.240 30419 (MEDIAMATH...)
2 2 35.247.47.28 396982 (GOOGLE-CL...)
3 4 185.84.60.29 198622 (ADFORM)
2 3 96.17.188.24 16625 (AKAMAI-AS)
1 35.213.109.249 15169 (GOOGLE)
1 1 54.249.220.92 16509 (AMAZON-02)
1 1 52.74.74.2 16509 (AMAZON-02)
4 142.250.4.101 15169 (GOOGLE)
1 142.251.12.101 15169 (GOOGLE)
4 172.253.118.102 15169 (GOOGLE)
10 172.217.194.149 15169 (GOOGLE)
1 3 104.18.24.173 13335 (CLOUDFLAR...)
3 3 202.241.208.52 4694 (IDCF IDC ...)
1 124.146.215.4 2514 (INFOSPHER...)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 18.177.11.95 16509 (AMAZON-02)
1 1 13.230.132.255 16509 (AMAZON-02)
1 1 52.77.9.69 16509 (AMAZON-02)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 2 162.19.138.120 16276 (OVH)
12 52.95.129.116 16509 (AMAZON-02)
1 182.161.73.132 55569 (CRITEO-AS...)
4 4 151.101.66.49 54113 (FASTLY)
5 13 35.71.178.8 16509 (AMAZON-02)
13 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
3 182.161.73.136 55569 (CRITEO-AS...)
10 11 52.223.40.198 16509 (AMAZON-02)
1 104.18.12.76 13335 (CLOUDFLAR...)
1 151.101.193.108 54113 (FASTLY)
8 23.75.85.227 16625 (AKAMAI-AS)
9 104.71.48.26 16625 (AKAMAI-AS)
1 108.157.109.114 16509 (AMAZON-02)
1 74.125.68.156 15169 (GOOGLE)
3 3 50.116.239.135 6336 (TURN-US-ASN)
2 4 35.244.159.8 15169 (GOOGLE)
2 2 13.33.88.98 16509 (AMAZON-02)
1 2 69.173.144.139 26667 (RUBICONPR...)
1 3 23.106.127.38 59253 (LEASEWEB-...)
2 3 35.190.60.146 15169 (GOOGLE)
5 11 52.46.155.104 16509 (AMAZON-02)
8 67.199.150.82 3257 (GTT-BACKB...)
5 6 52.74.162.2 16509 (AMAZON-02)
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.99.194 13335 (CLOUDFLAR...)
2 2 35.213.93.179 15169 (GOOGLE)
1 13.107.21.200 8068 (MICROSOFT...)
3 172.217.194.94 15169 (GOOGLE)
2 2 68.67.161.208 29990 (ASN-APPNEX)
1 23.106.69.72 59253 (LEASEWEB-...)
1 104.18.13.76 13335 (CLOUDFLAR...)
3 3 23.41.65.80 16625 (AKAMAI-AS)
2 2 198.8.71.131 ()
4 23.78.217.19 16625 (AKAMAI-AS)
3 3 52.220.190.140 16509 (AMAZON-02)
2 182.161.73.146 55569 (CRITEO-AS...)
2 2 3.126.222.143 ()
2 50.16.238.86 14618 (AMAZON-AES)
2 35.73.244.105 16509 (AMAZON-02)
2 2 209.191.163.210 32475 (SINGLEHOP...)
2 2 209.191.163.209 32475 (SINGLEHOP...)
2 2 13.115.196.111 ()
1 1 185.183.112.148 ()
1 67.199.150.81 ()
1 1 54.211.207.107 ()
1 4 23.106.127.52 ()
11 13.112.54.241 ()
1 1 74.214.196.131 ()
1 150.136.26.45 ()
1 38.91.45.7 ()
2 2 18.139.44.145 ()
7 8 103.231.98.194 ()
1 1 34.193.201.64 ()
1 202.131.200.84 ()
1 2 35.186.193.173 ()
1 54.64.204.37 ()
1 13.250.207.233 ()
2 103.231.98.195 ()
585 115
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
76d80a4312d81001005c23532a6c38d7.safeframe.googlesyndication.com
a3634f3cb0b4767cba36538c2be5a2c5.safeframe.googlesyndication.com
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
16    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
36    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
pagead2.googlesyndication.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
20    13.33.33.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-27.sin2.r.cloudfront.net
cdn.holmesmind.com
13    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
3    216.239.38.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
16    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
e19a34cd-4cdd-4d91-822a-d2499a5b1a8b.t.ssp.hinet.net
4    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
6    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
adservice.google.com
1    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
d-40497817543308984597.ampproject.net
2    18.155.68.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-87.sin52.r.cloudfront.net
adcdn.holmesmind.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
11    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
googleads.g.doubleclick.net
adservice.google.co.nz
3    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
adservice.google.co.nz
2    52.196.174.187 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
11    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    34.117.219.39 (None, )

ASN- ()
fp.holmesmind.com
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
4    210.59.219.181 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
16    34.96.119.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
8    139.162.40.113 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1453-113.members.linode.com
gocm.c.appier.net
34    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
4    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.87.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
21    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
9    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
11    54.75.88.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    104.71.49.155 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-49-155.deploy.static.akamaitechnologies.com
a.teads.tv
1    54.255.147.224 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-147-224.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
9    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
14    68.67.160.114 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
3    54.150.245.94 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-245-94.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    44.239.168.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-168-124.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
3    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
8    74.125.24.103 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f103.1e100.net
www.google.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.33.33.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-127.sin2.r.cloudfront.net
rules.quantcount.com
2    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
partner.googleadservices.com
3    20.212.157.225 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bi.adpushup.com
5    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
www.googletagservices.com
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
2    172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net
fonts.googleapis.com
1    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
www.gstatic.com
53    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
cm.g.doubleclick.net
16    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    13.237.117.95 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-237-117-95.ap-southeast-2.compute.amazonaws.com
www.adtrek.co
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    54.84.84.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-84-112.compute-1.amazonaws.com
fksnk.com
8    13.229.186.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-186-111.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
6    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
13    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
8    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    35.247.47.28 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com
um.simpli.fi
4    185.84.60.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    96.17.188.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-188-24.deploy.static.akamaitechnologies.com
cs.media.net
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
1    54.249.220.92 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-220-92.ap-northeast-1.compute.amazonaws.com
google.dap.fw-ad.jp
1    52.74.74.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-74-2.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
4    142.250.4.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f101.1e100.net
encrypted-tbn0.gstatic.com
1    142.251.12.101 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f101.1e100.net
encrypted-tbn2.gstatic.com
4    172.253.118.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f102.1e100.net
encrypted-tbn1.gstatic.com
10    172.217.194.149 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net
s0.2mdn.net
3    104.18.24.173 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    202.241.208.52 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    124.146.215.4 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
gdn.socdm.com
1    202.232.238.37 (Itabashi-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
1    13.230.132.255 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-132-255.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    52.77.9.69 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
12    52.95.129.116 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com
s3-ap-southeast-2.amazonaws.com
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
13    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
13    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
11    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
8    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    104.71.48.26 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-48-26.deploy.static.akamaitechnologies.com
contextual.media.net
1    108.157.109.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-109-114.mad56.r.cloudfront.net
public.servenobid.com
1    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
googleads4.g.doubleclick.net
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
jp-u.openx.net
2    13.33.88.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-98.sin2.r.cloudfront.net
cr-p3.ladsp.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
3    23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
11    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
8    67.199.150.82 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
6    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.99.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
2    68.67.161.208 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    23.106.69.72 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
1    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
3    23.41.65.80 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-65-80.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    198.8.71.131 (None, )

ASN- ()
p.rfihub.com
4    23.78.217.19 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-217-19.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    52.220.190.140 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-190-140.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    3.126.222.143 (None, )

ASN- ()
rtb.mfadsrvr.com
2    50.16.238.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-238-86.compute-1.amazonaws.com
cs.emxdgt.com
2    35.73.244.105 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-244-105.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    209.191.163.210 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
2    209.191.163.209 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    13.115.196.111 (None, )

ASN- ()
match.prod.bidr.io
1    185.183.112.148 (None, )

ASN- ()
sync.adotmob.com
1    67.199.150.81 (None, )

ASN- ()
image6.pubmatic.com
1    54.211.207.107 (None, )

ASN- ()
a.audrte.com
4    23.106.127.52 (None, )

ASN- ()
rtb-csync.smartadserver.com
11    13.112.54.241 (None, )

ASN- ()
usersync.gumgum.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
1    150.136.26.45 (None, )

ASN- ()
sync.technoratimedia.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
2    18.139.44.145 (None, )

ASN- ()
ad.360yield.com
8    103.231.98.194 (None, )

ASN- ()
simage2.pubmatic.com
1    34.193.201.64 (None, )

ASN- ()
sync.srv.stackadapt.com
1    202.131.200.84 (None, )

ASN- ()
sync-dsp.ad-m.asia
2    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    54.64.204.37 (None, )

ASN- ()
dps.jp.cinarra.com
1    13.250.207.233 (None, )

ASN- ()
cm.adgrx.com
2    103.231.98.195 (None, )

ASN- ()
image4.pubmatic.com
Apex Domain
Subdomains		 Transfer
76 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
600 KB
76 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
76d80a4312d81001005c23532a6c38d7.safeframe.googlesyndication.com
a3634f3cb0b4767cba36538c2be5a2c5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
809 KB
32 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 147046
fcm.holmesmind.com — Cisco Umbrella Rank: 161307
c.holmesmind.com — Cisco Umbrella Rank: 106536
adcdn.holmesmind.com — Cisco Umbrella Rank: 144780
ad.holmesmind.com — Cisco Umbrella Rank: 95735
fp.holmesmind.com
112 KB
30 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 922
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2024
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861
token.rubiconproject.com — Cisco Umbrella Rank: 544
pixel-us-east.rubiconproject.com Failed
54 KB
26 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
pix.as.criteo.net — Cisco Umbrella Rank: 15906
csm.as.criteo.net — Cisco Umbrella Rank: 15767
431 KB
25 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
dsum.casalemedia.com — Cisco Umbrella Rank: 1372
21 KB
24 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 44139
gocm.c.appier.net — Cisco Umbrella Rank: 1971
4 KB
23 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 561
ads.pubmatic.com — Cisco Umbrella Rank: 458
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
40 KB
21 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
11 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 426
34 KB
17 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 691
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 20361
ads.as.criteo.com — Cisco Umbrella Rank: 15481
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 16096
gum.criteo.com — Cisco Umbrella Rank: 390
dis.criteo.com — Cisco Umbrella Rank: 631
61 KB
17 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15170
e3.adpushup.com — Cisco Umbrella Rank: 16671
campaign.adpushup.com — Cisco Umbrella Rank: 29370
aplogger.adpushup.com — Cisco Umbrella Rank: 16187
bi.adpushup.com — Cisco Umbrella Rank: 17664
313 KB
17 bg3.co
www.bg3.co — Cisco Umbrella Rank: 99821
static.bg3.co
15 KB
16 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 84382
e19a34cd-4cdd-4d91-822a-d2499a5b1a8b.t.ssp.hinet.net
13 KB
14 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
6 KB
14 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 554
eb2.3lift.com — Cisco Umbrella Rank: 339
16 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
4 KB
13 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1324
usersync.gumgum.com
rtb.gumgum.com
5 KB
13 gstatic.com
www.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
fonts.gstatic.com
335 KB
13 media.net
prebid.media.net — Cisco Umbrella Rank: 1201
cs.media.net — Cisco Umbrella Rank: 1349
contextual.media.net — Cisco Umbrella Rank: 535
19 KB
12 amazonaws.com
s3-ap-southeast-2.amazonaws.com
119 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13712
u.openx.net — Cisco Umbrella Rank: 656
us-u.openx.net — Cisco Umbrella Rank: 407
jp-u.openx.net — Cisco Umbrella Rank: 10594
7 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1592
public.servenobid.com — Cisco Umbrella Rank: 3158
8 KB
11 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
7 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
6 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
248 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
217 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
5 KB
7 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1720
ssbsync.smartadserver.com — Cisco Umbrella Rank: 807
rtb-csync.smartadserver.com
3 KB
7 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 899
x.bidswitch.net — Cisco Umbrella Rank: 281
4 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27807
sync.aralego.com — Cisco Umbrella Rank: 2762
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
237 KB
5 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 150757
1 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 862
ap.lijit.com — Cisco Umbrella Rank: 599
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
1 KB
4 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 883
gdn.socdm.com — Cisco Umbrella Rank: 78863
4 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 582
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 917
pixel.quantserve.com — Cisco Umbrella Rank: 664
cms.quantserve.com — Cisco Umbrella Rank: 615
11 KB
4 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 73497
242 B
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9020
46 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
1 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 540
512 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
2 KB
3 adtrek.co
www.adtrek.co
19 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
430 B
2 ctnsnet.com
ipac.ctnsnet.com
673 B
2 360yield.com
ad.360yield.com
624 B
2 bidr.io
match.prod.bidr.io
1 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 942
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 rfihub.com
p.rfihub.com
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2194
971 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 471
479 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25501
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
2 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 479
3 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1763
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
1 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2182
184 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
1007 B
2 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18067
344 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16217
10 KB
1 adgrx.com
cm.adgrx.com
230 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 stackadapt.com
sync.srv.stackadapt.com
617 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 contextweb.com
bh.contextweb.com
662 B
1 audrte.com
a.audrte.com
655 B
1 adotmob.com
sync.adotmob.com
705 B
1 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 924
215 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
667 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 618
515 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 16779
566 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 127091
735 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 68712
716 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 498
388 B
1 fw-ad.jp
google.dap.fw-ad.jp — Cisco Umbrella Rank: 139648
559 B
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 2930
218 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4678
613 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 847
632 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3711
517 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1371
sync.teads.tv Failed
520 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 ampproject.net
d-40497817543308984597.ampproject.net
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 iprom.net Failed
core.iprom.net Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 admedo.com Failed
pool.admedo.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 agkn.com Failed
aa.agkn.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
585 102
Domain Requested by
53 cm.g.doubleclick.net 17 redirects googleads.g.doubleclick.net
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
onetag-sys.com
eb2.3lift.com
g2.gumgum.com
ads.pubmatic.com
36 pagead2.googlesyndication.com cdn.ampproject.org
securepubads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
pagead2.googlesyndication.com
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
34 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
21 onetag-sys.com 5 redirects cdn.adpushup.com
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
onetag-sys.com
public.servenobid.com
ads.pubmatic.com
20 cdn.holmesmind.com ads.aralego.com
cdn.holmesmind.com
ad.holmesmind.com
16 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
16 ad2.apx.appier.net 8 redirects www.bg3.co
16 static.bg3.co www.bg3.co
14 ib.adnxs.com 9 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
14 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
13 pix.as.criteo.net ads.as.criteo.com
13 eb2.3lift.com 5 redirects cdn.adpushup.com
eb2.3lift.com
public.servenobid.com
12 s3-ap-southeast-2.amazonaws.com www.adtrek.co
s3-ap-southeast-2.amazonaws.com
www.bg3.co
12 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
11 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
11 s.amazon-adsystem.com 5 redirects onetag-sys.com
eb2.3lift.com
ssum-sec.casalemedia.com
www.bg3.co
11 match.adsrvr.org 10 redirects cdn.adpushup.com
11 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
ssbsync.smartadserver.com
g2.gumgum.com
11 static.criteo.net cdn.holmesmind.com
cdn.adpushup.com
static.criteo.net
ads.as.criteo.com
10 s0.2mdn.net www.bg3.co
www.adtrek.co
googleads.g.doubleclick.net
s0.2mdn.net
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
9 pixel.rubiconproject.com 4 redirects onetag-sys.com
www.bg3.co
9 bidder.criteo.com cdn.adpushup.com
static.criteo.net
9 googleads.g.doubleclick.net cdn.ampproject.org
pagead2.googlesyndication.com
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
8 simage2.pubmatic.com 7 redirects ads.pubmatic.com
8 image8.pubmatic.com onetag-sys.com
ads.pubmatic.com
8 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
8 sync.mathtag.com 8 redirects
8 pr-bh.ybp.yahoo.com 5 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
8 www.google.com 1 redirects tpc.googlesyndication.com
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
googleads.g.doubleclick.net
8 gocm.c.appier.net 8 redirects
6 ups.analytics.yahoo.com 5 redirects onetag-sys.com
6 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
6 x.bidswitch.net 5 redirects onetag-sys.com
ads.pubmatic.com
6 e3.adpushup.com www.bg3.co
6 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 us-u.openx.net 2 redirects u.openx.net
5 www.googletagservices.com de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 adservice.google.co.nz securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 token.rubiconproject.com 4 redirects
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 sync-tm.everesttech.net 4 redirects
4 encrypted-tbn1.gstatic.com de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
4 encrypted-tbn0.gstatic.com de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 prebid.scupio.com cdn.holmesmind.com
4 c.holmesmind.com 2 redirects cdn.holmesmind.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 pm.w55c.net 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 id.rlcdn.com 2 redirects onetag-sys.com
3 ad.turn.com 3 redirects
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 tg.socdm.com 3 redirects
3 cs.media.net 2 redirects contextual.media.net
3 www.adtrek.co de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
www.adtrek.co
s3-ap-southeast-2.amazonaws.com
3 bi.adpushup.com www.bg3.co
3 prebid.a-mo.net 2 redirects cdn.adpushup.com
public.servenobid.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 image4.pubmatic.com ads.pubmatic.com
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 ad.360yield.com 2 redirects
2 cms.quantserve.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 ap.lijit.com 2 redirects
2 ce.lijit.com 2 redirects
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com contextual.media.net
ads.pubmatic.com
2 p.rfihub.com 2 redirects
2 secure.adnxs.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 googleads4.g.doubleclick.net www.bg3.co
2 csm.as.criteo.net ads.as.criteo.com
2 id5-sync.com 2 redirects
2 sync.inmobi.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 2 redirects
2 tr.blismedia.com 1 redirects de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
2 fonts.googleapis.com googleads.g.doubleclick.net
s3-ap-southeast-2.amazonaws.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 aplogger.adpushup.com cdn.adpushup.com
2 e19a34cd-4cdd-4d91-822a-d2499a5b1a8b.t.ssp.hinet.net www.bg3.co
t.ssp.hinet.net
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid-asia.creativecdn.com cdn.holmesmind.com
2 fp.holmesmind.com cdn.holmesmind.com
2 ad.holmesmind.com cdn.holmesmind.com
2 adcdn.holmesmind.com cdn.holmesmind.com
2 fcm.holmesmind.com cdn.holmesmind.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 rtb.gumgum.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 a.audrte.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 sync.adotmob.com 1 redirects
1 ssbsync.smartadserver.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 gu.dyntrk.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 ads.yieldmo.com 1 redirects
1 ds.uncn.jp 1 redirects
1 cs.r-ad.ne.jp 1 redirects
1 sync.fout.jp 1 redirects
1 gdn.socdm.com googleads.g.doubleclick.net
1 s.tribalfusion.com googleads.g.doubleclick.net
1 encrypted-tbn2.gstatic.com de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
1 match.sharethrough.com 1 redirects
1 google.dap.fw-ad.jp 1 redirects
1 y.one.impact-ad.jp de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
1 fksnk.com 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 ads.as.criteo.com de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 a3634f3cb0b4767cba36538c2be5a2c5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 76d80a4312d81001005c23532a6c38d7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 campaign.adpushup.com www.bg3.co
1 d-40497817543308984597.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 pubmatic-match.dotomi.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 cs.admanmedia.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 pool.admedo.com Failed g2.gumgum.com
0 sync.teads.tv Failed onetag-sys.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 b1sync.zemanta.com Failed contextual.media.net
ssbsync.smartadserver.com
0 aa.agkn.com Failed contextual.media.net
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
585 170

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.google.co.nz
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
www.adtrek.co
Amazon		 2022-10-22 -
2023-11-20		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2022-09-21 -
2023-09-05		 a year crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.dyntrk.com
R3		 2022-10-21 -
2023-01-19		 3 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 96 frames:

Primary Page: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Frame ID: 54D22F0181AB5F8CB0C24E2C2BE5B4DA
Requests: 97 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: F4976CC4D301F571394588A96B1126A3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: E8827A8CB9794E35E71B73165A5B2978
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 5ED7948F9851F34B2854E08B9CC79F1D
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 11D8EBBFBA56280F6589BE9F66E4BCBC
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 7C70017DF9BA057A213B81FDB4DF915B
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: E4D88A2B239227ABCF422420980278D6
Requests: 25 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 3B6BA3EF40222D11480516B695BCB79E
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 10C1C90884CB01BCFF46DAEB3B1E9A0B
Requests: 27 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: B7A22854F0AF387D673FDC1613CE3846
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 53D8C0C5E81260BCBABB7AF47CEA7DF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22356909702278556805&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3069&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=475001194&ga_cid=amp-BHIgVAiGkraFXl475dMEqA&ga_hid=1194&dt=1668081583843&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&bdt=4216&dtd=573&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 7D55DC119A104BEB7673D48CC8E86F7F
Requests: 1 HTTP requests in this frame

Frame: https://76d80a4312d81001005c23532a6c38d7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Frame ID: D2ECC1E73EC661CB5774F96AABA5AAA4
Requests: 1 HTTP requests in this frame

Frame: https://a3634f3cb0b4767cba36538c2be5a2c5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Frame ID: C16DE3A7ABC4373E95CD2915C3E2F6C4
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3016-y7NCkBQ2izDZ09Gy2eRsnPWqDI5wIyPR&CFFPCKUUID=9750-ROQS9ww2tOvxh1bjqzgPUfC6uUJaxiQa&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&maindomain=www.bg3.co
Frame ID: 541D7A85555B63BB3DD859155ECF3E9A
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3016-y7NCkBQ2izDZ09Gy2eRsnPWqDI5wIyPR&CFFPCKUUID=9750-ROQS9ww2tOvxh1bjqzgPUfC6uUJaxiQa&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&maindomain=www.bg3.co
Frame ID: 1B0B1DCC6A8188804F617713C7E4C816
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 79D261056D912DD4FA0B2027F09022CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB768AC0F251FEA3F9D560342A419177
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E2DFA813B0636939E597D7D83A92035F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B7228AD062CBDC5AC240328A00B8768C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 12977BC14C57AED16F55053F2D171C97
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 598E3795D7B148A13F9845CD11C484BC
Requests: 7 HTTP requests in this frame

Frame: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: B4EFDC8DDB9C9AF1A2B067DBBCF00EF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Frame ID: 7CEE722041E6E78FB4C0B78B2F4B2CD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Frame ID: 1A82A8F3F939B9D21C13315961306640
Requests: 16 HTTP requests in this frame

Frame: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 6D950FFC5F0D8D627853DFB91529DC36
Requests: 10 HTTP requests in this frame

Frame: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: A65F39565633881964BB8E46F643D076
Requests: 7 HTTP requests in this frame

Frame: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: EB8A991F174F552527190EB6969AF9B0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNV10AEphfZn8-7kfXWWzk0V3sGqaybPVhXBlGqWJwikbt-8Xra2ClDDdPtBscs2hKenkFX6vg2fTSrPvaIP8_IgSIxZBA
Frame ID: 701E92E135E258122557EC538D92EBD4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/index.html
Frame ID: 4FFB23B52FC2BD72D31FC60EA2514987
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8874060E682ADC3CAB14E327973FF229
Requests: 2 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 91D98E63662A284D92956A32B7DBA70F
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5C1D3A4E240B8F27562B5BFD85C98C19
Requests: 9 HTTP requests in this frame

Frame: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCIG04tOdsY8e0IIaSvQSq1rrACtKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKCnxr7QrejPqgDAaoE2AFP0FKmk82LS20KF3dYjXTIBLjeY3lIwXT3M8BOrsWG-AO0mzukNik3dkuHV99gj1BBK5SGbZacKhBic6pNv0zIVHIfu9X8HXIPZhZ6_qIO0fJaElA_1sLA8lM53O49CeFlTqWxnVqyXH8xMDc0XBamAt-bMx6pYnpzLnm3sPZR_lqrvQ2cT1_9rhh4Ot4htpdBYf0XslOh_i-iuE0ZHVwmoQOWsEEqLu597Ru7trgVoXVqXaOGIUBoP5WSCtCOWooHD3UEBpnILnCmy2LddDZyMGuFV4uY0mfABM3vyeyGBOAEA5AGAaAGTYAHuP3U7AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBsBPb6fEQyBO3jKThA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw%26sig%3DAOD64_2x27y4DsoLGq2wE1AeDDaXNhby-Q%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CiNHTL3QoSfzinSV6EWjqbyQ4GKR_W45HH7Oeh0tSShWdYiFUfMufvYIrJF-i9VFAqQOJGUASJcd3hwpTG6vOeNsQr1HJwqkOGPgbcRKTIlIF3C0OXIvQJZMG_jN6gzVzt2Xbjj1RPSKCoBpiZn4oQ_JqYZ5E34VlgI4cKPnmkGPLySMw%26cry%3D1%26dbm_d%3DAKAmf-D2TXzJdoXyRK3vfjX4AMseO5662jf53wI3j5RekBt95xOC9haZqiRX5GkecuyeimU45_dYKmb1EwbUce4PvF_U_j1FR_VwyNnj4s-FUlkx_dGMdRip5lF3VWksSK_e1xvFvlgfbrWVRiE4GhFu1Rkgnt_dY9jhFrXJZU_Fd4IJQSaUK5WBqscbMY-xYCqBZCEO_vUs1YPEVaUQw-_2LhYGNvUTsdFEO04UarLIZZu9oMRMqqSMwQyVIeXQHUo0gOhtOiY1hi1eyqT4m1nJV5Q-eIbwfsIpzXMmwLctCMgIwGcN7naX_N0IqiTUAx4Zf7igyWg1o9ikI0_LjHhwa7kX4Wm7JBZOPXOYX1ypsdXgL2ZxrD4wmZV6PyWQ0AJ85ehRHiEL5BSEEyNQ9IebF8RM-RO2hvuhtOnEAZqIlv_JAf7YQcTMojrmDEVmmrKG6zJ5Btqq-WWuI7yLDZ73Rr_Ewo86yYTv0kKy6SA2KYG5i4qGibie-_NFvTDFwe-1lsqAtJJt4_r7b5cjXOrMZJFF-Sjh5rdU6K3ksf0jyCdZmoU4fudTSchS0bbXoYl3is8R8o5cH2lubOZFyV1pf-cSF9-nkSHLVglnB3WAEaQF5M7bAIrtzHK_Zt1cyGwmOGNHO8A8DHzVUtLM3AZf91f88cdsm6VEISykof2qSdBZfpe4hxs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1668081588531015
Frame ID: 416C1D86BA2C20BB58D03AEA7FA69C63
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7F6AB4707A426733226ED353D62CFFDE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNWB1EkRAaQtGx9yX6iweGtMjkO7LSqmn848of_8EpGZzrNbCkrZCaIwZRVvY4SD_0bZlmJgXSSuNk_ZMamhI0zadesi9A
Frame ID: 283F85DB363E9629EC41D9DF2EC5C9CD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cfbe2ai62HdkSqAurSFA4CyQ2aUwEiBie9tin3puJxCp5MFa4_ayV6jjKTc0dkqEnQW2RdQfiXyCuKq_sIlbvrXV44swhsQQkCYI7EP4iA60u4_3PmuEpZo1VlOZMUl5TSzKhAEVVgiwceT5g7WAHo00R0IzkIqrddhzYRUtBA1vrR6F8&cry=1&dbm_d=AKAmf-C1xGSg-SdcqDCAzOBYaGwI7i2_AaGjjL5cN73eVP2aTNOgCLw7QFiOaijodu4BQjf_kRN3O_dYCo3ReJIXUT47gqwoTYkK-FG7NDD25h3G_WwmtpbSYsPQMx_Mf3RWPAubpjCQe5rBtzgNGqZRnUASPuHSlkQ1_Uaq1i9x-sBGg4pgw95iKqbwok6hrG0Q2_xPHKSwSC-4cNZyYmkFriwmbTCxjNYc7xtxO7S9rLLsxxJ_GYduo07xdQZAw_PDDS3Ivh9v3BsCRV2akAL0MNSNZBwFCns8F8HevW3kGC1N85MaO5Xr9mXU9ZuIZbJMKMfO-TMZsqW3xicWokNtdQPqudJOzbQ-9zIyP297sx_g_8FtMyFiPsCMI1h6ObsVmsF5e52QS1NghwUb2p2ATQJFdp5l5FZkvJU0cFFx1xwdfrmVa96lGDyIiHMXctQu4zOr2x5mMR7t90kn6qMNTiXQgbr2i5evedrwPA_pKgF5qvgVor_LxOWpGqpC3Lf-C7ReBqCw__ha4GtFuvAJCTM6FcOWSH400_x8Poj2IvOasHkwZB6prBUBOXs685gc2R_P5IZrVX81XStt5qSQxx9Ix2xbuwt1RUbHOQUOE43TfKLUidWWTb-_9DeHSO9GA-bX0j6gvV86AzMuu4lK-MLGHtLP9t8-QK9RAWzSjzFrPUL0rnCngIRLSyOKej5Yuc5GpEK_Cuj5zRh8G1BhBjyVOOycoWdKkrjMVCiHgPTzIlP8d6ydGY-DtDJOa-xEaWPkUuDBgfDfNKixJmM9Z-bysRHL9OVe5mcgWNQSoTYMCw9jbDL_XBy7mM2iE62WRmdFJsno8T6LqR5I9c7kOxsGMLtfdSVt8Q0g788QUOMVJ1PhzMjIgbEijlU3YDVHzZl5D-iwqM6bgPqV1_bQKdLlG-_u72_p0iss4schGDj0u7mZulmEDn2m3XcVn2WF3NwwX8Qr8A5C_qSXZn-2YcExEvx1j980WajvPDW1lCOe9svowUFBrYRr1pcZxmBtPj2ArIwv3aFgZIqi5XMLOf9EnLjpixcjaF0Z6IuwsNASdFXG4JtLzBM2E6Gvr0lWp_IQOmHM3a4_va-0-FHfh3YKM1n4IU7gSN43UYonOJihWsMdqRBJ3wcaVKrSvAooSMaR-2yftfwjK6trGQtIuglht9l7LhA3B6HQDJYJcsDTC5S4Au_bUESTjPoXHfgSqy1UAkRf5oyQTsdj0rdHOoMh7akF2xF6mNpoN8yRdsBFUARMU65XN7w94EZCqjs9vsabGPCl0xsZ9T3HoaSo0ItFHVXbkPvQRdgbo_QQdzJ2N4uyQoYlMlITimifslJuHda0hrC4Pkfkcnx0y-JGaEmAGGw_184TkysxQmmxLzZk7AaYeGv-efagiwWZ1FmC1mapnF_m6DQ_MfagnJET1eqTLk7_trO0ifQHsAXfOKlDyMwHJk0JuOC0wv1lWq4qhOJZPlDBTosBvsqT8HYrrAPfezdq9Mi4SXFhqW5j13XJ3o5vKa0kNbj6Ba9PtyG4XvQfV76Ay6I9kzSZ0ugRG6kxRK8CtRDzjkreZLwnN65FjQRxwmuqm1dlUthO71UfPRgIkFOhM9XXynw__IwdkOOaeVOsPA5L-PUaYcN46KVkXTYNYh_TyS2le55VmvaWO1O7ascXYDnOH5MGQZIC1FP7GREyctiEvr9PM03gOLgtgw3e6Gjo-ImoWsKtgZvrXqYi7atOeZ_foZZM7ca8vzrE-ojyQJQsDs-k4xnN-Z7fQ14HSK2Seml2VaYYmOj8fpOFIAum9VQuYYygCtqHi6xVjmLhUQp8jNyhBFGL11tga9wSnp91Wcm6jTvlo15Mxnp7ZJK1ZTO9Z3xLUfz1SMmj_5p4bLwHl9jYhVI5uEYWhg-6rZwXA2cYEMRcxqM1Bqk81VooOtnTx4X99tHxdZuIHq9yCv70JIncenyB4FaXsI3oRhq4m8Kmy9IHJehsGzl4zamJk3q41w4ONt99GBnihrPR1An8WVZSCf6uD1nZUy2s1c-Hym1qfuuqc3_98zhNpFdVokZq9jv4WOcjzzKyYwtCmey80TKeNVW7G4JSQzuT4dduJkQ6kZg6cP84uuw8eSM8_3QqvRvb9MXa0MUoyt1l65NHj4xAEPWxx3atr-h1tuybP2r_EkM1K4r_6hoh7Fc_itOKJ8_ZnJed3pl1BPi4uSY5rScaxTcATiSB4Da_wxYo-Ii7gtydKlcq82Qy0vU1s3KJ6JBrjM7-eHWXhuXtznARPtocvvY7Ve7LF9xjwCivWCP-tblk9UqZ5r7Pv58j1pCbwjQzlYygyj9GRKXjBeAhiXd9FtfODn0sA-2JihO3D18uM4809ikFSVLiCDJXkDJLfYhUnwwPTcNqedJzC4J9JzAhCfV-9oo1Gsf-ibzZDO6WiltAf5o5g1JwzBH6ssxBRV6fDU21insnMmQGhn-Vv_15tdHQgKfMZPpmmCwZt21IegHnh_ZrsqGR_8KC3pGFRenoOIqagazE-HN1Z8palBeeJCZaI9hUNyujD_CsQ8Zr9DCtQ9npRz-dWIinMxDzyDuz69dLa-SSxhjAik7VCd93bhrbUF3fgZ7t7qUDcPrxysvcfuEVdoBZuHR7ryTzTMXUj5Iigz5z5_QhD_-c4t7RCbk65WL1Oe7kXBMaIjcRty1VOX-Y2E8UzZIww_tZBT6_T20ceEV-UAC86UIJwsOVUEqN6xfJYawvdQ3NW0O_y43lrWpYd0pUAWPoJjH51nBBerhU324GEytsahI9AdVnE4LXS2ccLaUO9jo-mgVTp3Zn1EbBLNVMP5qn6O0sbyGL06T_z7IvvFkM7yCrxZve-bmN61LomY2TcK22btGgyLi4Ag0ruAP8e-9TSGUOL2_aIn14VUdiIXP3L0XzF1D2t4TUBcuowFvUAV2MmFVpPEibkqLFUdkzSeqof5sJ8_bGujumkxdAR-CGNm81qoxI3jsE9iRQe39OjzLz970FJsGFBkOf796uZmR4BAQkKj7xHPsFdg8iY3a0XqKQp3E9VshHBDaOOiSB2Rx6kLRN71XRmtVnTY8uLbpB_gQHW8Usq-a_zjSt748qDICElR0roP7y45U8HFvs3OHmQ82EipoCwhi8caPOwWZU2LeTXj7lXbrPL46Z6d6jqdp7lpjAdRTRtKEJYpP2F-33NmAk3ZFfAC5IOEbnHMl9t_nzU1FFYvN-5aQTwSsWCUcg1OYpq6N0LpDztK8GsNBa6_5I6WUzslm7HIJpKnEPndtLTLk07isdPLCwRF-msHOnNfR2A1_JNFJtWK-1HUa9VR4j1uOIEZ-oNwhaDhS9lWwBZytsxR7mLlt37klPolhIY6aVNFBwdNQbxK4Aowu7ujRWmLqzCIhquCX9kPjxoJdpPGMPqtR_F426B5sNi8gtqXHtfxGKmJ7XdGVCCm4rVgMZx86Z4nekTu8dKpaqNC1dl8QKG9HSJVqH5udhejutXyW9RI0vX7y1ndLqpYbojZK1zZ1l4Zz1QNjlG4Zne5QfcETRtobyUJBX_ZJVKyCK1flC_MakP-UfGKDhnSP7O7txqyaq5r2vOTaRNUIvs4sZpZOC-347RaFDMInmiCoFm5U5ee_7gec_fRZcnt0&cid=CAQSKQDq26N9TEn4bqrK5A8mAmcfrp3yqdRATveADkf76NWYhKAUDIlicPL0GAEgEw&rfl=5%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2C%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Frame ID: 872F958A75FD511ED642E2E536C1BB8E
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F19E8CB57F3476AE5870386354C3354E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ED7B8F1F3B56931EFE93E41A290A4BE8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FA18E550D55907ED6B6FFBD04321C4BD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1702EBC7009B720DBE5A71455AB15CEB
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D3E37576A4E91BFE592E6FBD77CC7A1E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BC2088529ACF85F4D782FF18AE7819F4
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5CBB0D10670D215DB94B29BA6793818E
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4568D43DE0DC18524F46111E8F093E66
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: B87DC6921636643F62767E89A653C375
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1668081588307
Frame ID: 9F9E1E3ACE40F00031D4704329796A0E
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: D6C838348E805EEF073A5532627FD229
Requests: 13 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 329AE3D1EC117C52DFA7B2EAC36F60C5
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E2106F5F00055E9A7344DBF02CE83CC9
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 0BCE6C5645E8C04190C719E701CFE031
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: A95E94DCE5E8466B6F4E9B06DC822F24
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3110831917443676000V10&type=rkt&refUrl=&vid=80815922343110831917443676000V10&ovsid=1972928490934502827
Frame ID: B076952F67E6E4D507BA8191A4D6003F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Frame ID: C38E2B03480D60E92FFB814CD230B670
Requests: 17 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Frame ID: B52B6D1D7003890F2A981CC08CB91B13
Requests: 7 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 55A4791890AA9ED81C7385147270315F
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 95E6FEDEDB3A9574DDCA3A299AB9B2B3
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: B46252C1EF752924158455040990489D
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: F06088C012B5030233878D963F0877E9
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 0706F0B5905B93D9B295678606437143
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 8DB6D37E98B204610A2DFC1D81F7B310
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 58A569446F558582975A4390717AF139
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
Frame ID: 13DE7FD83C0026E53A74B96E0E60AFEB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=0&gdpr_consent=
Frame ID: 76A8826C406936ADF9CB6CBF639B93CD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y2zntwAHCQ8i2QAO&gdpr=0&gdpr_consent=
Frame ID: C3823F67DD8B62F087035CA08F54398F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84ZTcwNDRmZi1hNzk1LTQ0NWItOWY1YS04NmM4ZWY3ZTljZjI=&gdpr=0&gdpr_consent=
Frame ID: 4F694C82A7C735A53028C1DEA1076360
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 665239C50424DFD16E6E31177FCB8443
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y2znt8Co5ugAAP59RpwAAAAA
Frame ID: 9F125292315092F8655C65099719FB3D
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: FA0003B80DC9CECD4AE29A7725F8F9C7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y2zntpX8d22C7tHk7dTWjAAA%264894
Frame ID: 1B0A26D3FBA93A333498D9930319158F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=sh4mXtEJvgo169K6UtYw&pi=gumgum&tc=1
Frame ID: 0DCADFD09C4064418E25396AB3B78F62
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 29A0143B65996C7F50ADF893ADD88A4A
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF&gdpr=0&gdpr_consent=
Frame ID: D1119272A125FC8372B5CB005FF5F675
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: B7917B2892DE28966CF636AEA0FC3E8A
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: DB86093DB928B5C772AFE16FE22874F1
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 099131E207673219A2A349BF142549F6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Frame ID: F66A1D3D4777A7BA56202385192EEF7C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Frame ID: 3111C82BC46AEB17201BC3518816189F
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A80A43E078DCD6E3D4F5D36CA6FBBF28
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3s9OYmxLQyt3HO7y9fI7qnRaSsQ
Frame ID: 9187DD06239000EC5E068C7C5FAA2A3A
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 1B5F34B6A37662ED5E7EDA6F34DCE487
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Frame ID: 7DD9A001075B2F4C3AE8298A6BF19DAE
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 7E1F70838E555FD3B63388646D362106
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: D942251646C1FE48FF9FC8EBB9A770D2
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Frame ID: 77FE5728B88414007130EB3C2CF558B1
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: D8E79A95F1B519B12C3C671A14DFDFB6
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 3DEC9A5B9DEBB8FA2D65938BF7AA418F
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
Frame ID: B6F046A77F37DBFED56D37471606FF0E
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 7895380D9D6B303C2056CF064D3D3336
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: F067ACD0FE18E1662E5BC4198A7E5303
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: C69A3149A31AC24D4D992EF58670E36C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=pba&refUrl=&vid=80815922343110831917443676000V10&ovsid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Frame ID: 055D3821E924B68BB6596716BF6AFC09
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2134FBDE586853A0B5A5C12501FB86FF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7026B6BEFC472E79B7C0A74DC64E00A0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB1ECAADA9B1AF09A5A0746DDE46C33A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52CE7944703F2F6FC881C1E5049101A4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

270萬卡友注意!「好市多聯名卡」確定換人發 業者首度發聲了 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

585
Requests

71 %
HTTPS

0 %
IPv6

102
Domains

170
Subdomains

115
IPs

13
Countries

3945 kB
Transfer

10092 kB
Size

130
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 56
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 60
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 115
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=3nSf-EMoA1qVOe02s-dsYw
Request Chain 116
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=JgxkkY6ACOavjhU7s-dsYw
Request Chain 117
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=xymqdyNfDiC048bDs-dsYw
Request Chain 119
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Smy2IJSrDWOUslVos-dsYw
Request Chain 120
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=7vHZJRumDbKqBhl3s-dsYw
Request Chain 121
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=o3XC-YpdBvWgafP6s-dsYw
Request Chain 122
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Wj6jd72CCZS1EhUxs-dsYw
Request Chain 123
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=aindr3gNAPijndTJs-dsYw
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
Request Chain 239
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2zntpi6Oq2k.CyHZ.pljgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1&google_hm=2
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKnE9JNN4wI8erXVGw19YHQ&google_cver=1
Request Chain 241
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2ODgxNzU5NjIxNjYwODcxOQ%3D%3D
Request Chain 246
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 250
  • https://fksnk.com/cs/google?google_gid=CAESEMcSPllpGvwZI1FEBp5dzis&google_cver=1&google_push=ASkJ3FY8dwc6FCPDpx0RyaTWhDSlVgQfJB_gF21o66xslwzvmFJIrhCrAe1baIjgD3ftQBOybcnAR3590Si1NZJSpesbOpDRrsntHWbY7z-dF0I5EsYuXQYmnHEKnYB48zJHVSLuL3d9ssdm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEE0NjRFOTBERDQ4OTkwMA==
Request Chain 251
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAdxhU9g7-lcFMXtlrMver0&google_cver=1&google_push=ASkJ3FZLjLLeQXutzt4Kw10aPaH9PvQQEkOV2h9Lc4x3h4fUepMWtO3RQKKJ7V3khmD0F2iB1q7q3aLtuQOT0GYpJ_2_m-Dit52wvmfVPixeGhsmSR2_VsgEiaxgANnnymwcMbCBK4mBDF6B HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZLjLLeQXutzt4Kw10aPaH9PvQQEkOV2h9Lc4x3h4fUepMWtO3RQKKJ7V3khmD0F2iB1q7q3aLtuQOT0GYpJ_2_m-Dit52wvmfVPixeGhsmSR2_VsgEiaxgANnnymwcMbCBK4mBDF6B&google_hm=NTU1ODM5Mjg3Njc5NDY3MzIzMw%3D%3D
Request Chain 252
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEAlCwIcsQuc5NxNNg3VJJWw&google_cver=1&google_push=ASkJ3FbX_jCa5lqR-GVqm8ZS7gdL54bKelVCdWjNSZrfg33wDY3U_IiXQAlZ--RiWMnJrS2HSq5fBybTTDGkvKCcrHzsWsXU1UoCvBfCvG0ISxb9MiOi0nlZ3j79bQR7QABn3Mw61OEaFU6F HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEAlCwIcsQuc5NxNNg3VJJWw&google_cver=1&google_push=ASkJ3FbX_jCa5lqR-GVqm8ZS7gdL54bKelVCdWjNSZrfg33wDY3U_IiXQAlZ--RiWMnJrS2HSq5fBybTTDGkvKCcrHzsWsXU1UoCvBfCvG0ISxb9MiOi0nlZ3j79bQR7QABn3Mw61OEaFU6F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ASkJ3FbX_jCa5lqR-GVqm8ZS7gdL54bKelVCdWjNSZrfg33wDY3U_IiXQAlZ--RiWMnJrS2HSq5fBybTTDGkvKCcrHzsWsXU1UoCvBfCvG0ISxb9MiOi0nlZ3j79bQR7QABn3Mw61OEaFU6F&google_hm=cm7UR5nyQSywXq8yRqMetg==
Request Chain 253
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHD3Mr1dMW3DE4tgWvKS1Yo&google_cver=1&google_push=ASkJ3Fajg2MLVwMdRQn2Mjec6b8RM8ios3mGMLRlHG8QWWzIa584Z72T9cwL0hllqZf9kmmanatnABYoo7dGUt0f__kFJyNZmM89ldovnCzY73WIdOeShHDPWKmcKtX3srS3R1ibl_5Lt7cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCMFBJRUYtMU8tTFE0RA==&google_push=ASkJ3Fajg2MLVwMdRQn2Mjec6b8RM8ios3mGMLRlHG8QWWzIa584Z72T9cwL0hllqZf9kmmanatnABYoo7dGUt0f__kFJyNZmM89ldovnCzY73WIdOeShHDPWKmcKtX3srS3R1ibl_5Lt7cm
Request Chain 254
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKLDQlTW_opjyDqiQ4eyQLY&google_cver=1&google_push=ASkJ3FZOKtXot0qGyYKPmKVK4tnm4-A22FMTuCI28aQi-EcJqJLXuG2rcKz76Mz2w348bRgBCaNUxwrqFgHdTq6cA8mkqbJfibmC1Hivmc2mXw4JVgZUA-l9ciL2MH6CaFcR9Lsuuqhp_p_7 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKLDQlTW_opjyDqiQ4eyQLY&google_push=ASkJ3FZOKtXot0qGyYKPmKVK4tnm4-A22FMTuCI28aQi-EcJqJLXuG2rcKz76Mz2w348bRgBCaNUxwrqFgHdTq6cA8mkqbJfibmC1Hivmc2mXw4JVgZUA-l9ciL2MH6CaFcR9Lsuuqhp_p_7&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKLDQlTW_opjyDqiQ4eyQLY&google_hm=Y2zntpi6Oq2k-CyHZ-pljgAAFMIAAAIB&google_nid=index&google_push=ASkJ3FZOKtXot0qGyYKPmKVK4tnm4-A22FMTuCI28aQi-EcJqJLXuG2rcKz76Mz2w348bRgBCaNUxwrqFgHdTq6cA8mkqbJfibmC1Hivmc2mXw4JVgZUA-l9ciL2MH6CaFcR9Lsuuqhp_p_7
Request Chain 255
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKqBNQQcykBryjmw6XbdoZg&google_cver=1&google_push=ASkJ3FZWe-dDPSD4XBLqNjU-XlA_FtNBOY-Uq6lgLpOEqpl49rbOGpTgm6CeYZN1GgkRFNMVHYBn4S1UPKXvxBKxO1-qqZVhn8oTax3V-Pe_2-x53yofKAWr4bv1SVvEIsXfG5uw75DBUwT5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGFpIFJUJVgA2HjWoWMJbUq6IyDWxM6bdw&google_push=ASkJ3FZWe-dDPSD4XBLqNjU-XlA_FtNBOY-Uq6lgLpOEqpl49rbOGpTgm6CeYZN1GgkRFNMVHYBn4S1UPKXvxBKxO1-qqZVhn8oTax3V-Pe_2-x53yofKAWr4bv1SVvEIsXfG5uw75DBUwT5 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 264
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEID9V0Q_-WkaGXzwwBEYV9w&google_cver=1&google_push=ASkJ3FaMBIjkanvipD-ODWqC7c3hvjsLlnzS7rtoPnuwB5eApoOSdQ6pOblF8wc8NhLJvoACWdWbubtuds8ue_fany3fBH_ghSS9p8YE305LvuGrka3fgW-WUYeAGhIzPH2mlByp9q_lrMU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaMBIjkanvipD-ODWqC7c3hvjsLlnzS7rtoPnuwB5eApoOSdQ6pOblF8wc8NhLJvoACWdWbubtuds8ue_fany3fBH_ghSS9p8YE305LvuGrka3fgW-WUYeAGhIzPH2mlByp9q_lrMU
Request Chain 265
  • https://um.simpli.fi/gp_match?google_gid=CAESEFBN0D9j7PQAx9jWM0RawPk&google_cver=1&google_push=ASkJ3FZHJqpHnsJNmZu8RqYzpza-JNivZWA0cLtbb8ppE7n70oHC4uPCyS3jRf1xcQRxTiiS4qJNs12oO_mi69gPLhDatvwd2eAROzngkZ510xn2E1jp0IqI50wS7uj942CbxTChM8_hUl0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CBB3449584FC457981FF4C30C539177B&google_push=ASkJ3FZHJqpHnsJNmZu8RqYzpza-JNivZWA0cLtbb8ppE7n70oHC4uPCyS3jRf1xcQRxTiiS4qJNs12oO_mi69gPLhDatvwd2eAROzngkZ510xn2E1jp0IqI50wS7uj942CbxTChM8_hUl0
Request Chain 266
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO2A7AEHLAvJMbOgOP5lRHs&google_cver=1&google_push=ASkJ3Fb3HqlX54gNcoDV7Dotjh7H4OBYYFl9LgXkcbS08qz6nzBGvZYzBGCt0fJxHwmFkcfLk1OOggTAibVqRFHJ-lOdx5BSZhMAt7ZeZ-3REdjkKSSVrKIot_L14rayw24yx2dtxuc0bJ1V HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO2A7AEHLAvJMbOgOP5lRHs&google_cver=1&google_push=ASkJ3Fb3HqlX54gNcoDV7Dotjh7H4OBYYFl9LgXkcbS08qz6nzBGvZYzBGCt0fJxHwmFkcfLk1OOggTAibVqRFHJ-lOdx5BSZhMAt7ZeZ-3REdjkKSSVrKIot_L14rayw24yx2dtxuc0bJ1V HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwNzgxNTU5Mjg5NTY0Nzc1MQ&google_push=ASkJ3Fb3HqlX54gNcoDV7Dotjh7H4OBYYFl9LgXkcbS08qz6nzBGvZYzBGCt0fJxHwmFkcfLk1OOggTAibVqRFHJ-lOdx5BSZhMAt7ZeZ-3REdjkKSSVrKIot_L14rayw24yx2dtxuc0bJ1V
Request Chain 267
  • https://cs.media.net/cksync?type=g&google_gid=CAESEB73yg0VgQJOIVLp7hajwHM&google_cver=1&google_push=ASkJ3FagxDOozKObL7rLgcIdTebX17ufRyX6BEIds1glKQDj00h-8YrZsHQ9SX6iH_vHMPaNejvh3eC8M1xqc5ugESZEm4ABa9FFXKgeKFi9UiQ8WNOevaD53n_3ci0zeSTaU8SfBhPrvDye HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExMDgzMTkwNzQ0MzYwNjAwMFYxMA%3d%3d&mn_hm=MzExMDgzMTkwNzQ0MzYwNjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FagxDOozKObL7rLgcIdTebX17ufRyX6BEIds1glKQDj00h-8YrZsHQ9SX6iH_vHMPaNejvh3eC8M1xqc5ugESZEm4ABa9FFXKgeKFi9UiQ8WNOevaD53n_3ci0zeSTaU8SfBhPrvDye&gdpr=&gdpr_consent=
Request Chain 269
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEN_zp8jkdGw9pWgDsmUCNaA&google_cver=1&google_push=ASkJ3FZENRvYjSPkJpSh4COA2LYwMHACo6f2La43sKoBynpF_O3I6TAVOtsELcC009BYYZDllPDDaoew93y68KEcXVx6TQwfVPbY2J13O5opBElLITObG3FwvnM90ePjF_duioPbNLSQ4RU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FZENRvYjSPkJpSh4COA2LYwMHACo6f2La43sKoBynpF_O3I6TAVOtsELcC009BYYZDllPDDaoew93y68KEcXVx6TQwfVPbY2J13O5opBElLITObG3FwvnM90ePjF_duioPbNLSQ4RU&google_hm=MjQ0NjRiY2UtNzMwNS0zOWE5LWI5OTctOWJhNDM5NDZlOGI3
Request Chain 270
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEOwuDJe6kgsJXUURYMRO31c&google_cver=1&google_push=ASkJ3FbITshuHotj8Y0lriu85KLsvEZb0cH8lRN0Y7miUfo6Ag0CgBhKlzrl1rkesnUTwunwgqsDfCa_z86SM7QaFP8MU37x5Ci4JwdmkjXXajVaJzAXrhvoedJJbnkeRVxTzF3jEi3wEV4bKw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=M2ZhMDg3MTAtZmYzYS00ZmNlLTg2ZjItMzRiNTc1YTk4MTEz&google_push=ASkJ3FbITshuHotj8Y0lriu85KLsvEZb0cH8lRN0Y7miUfo6Ag0CgBhKlzrl1rkesnUTwunwgqsDfCa_z86SM7QaFP8MU37x5Ci4JwdmkjXXajVaJzAXrhvoedJJbnkeRVxTzF3jEi3wEV4bKw
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
Request Chain 275
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2zntpX8d22C7tHk7dTWjAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKnE9JNN4wI8erXVGw19YHQ&google_cver=1
Request Chain 277
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2ODgxNzU5NjIxNjYwODcxOQ%3D%3D
Request Chain 293
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKAxe8yXg2e2S_qyObQazNQ&google_cver=1&google_push=ASkJ3FYV6UybECwxSnnbrLIZDuCaXlbc3_oMPDNhjLATmwRd15VMwptaU7T4gOgIZ7mgdFMLV10RuxktVRIyAhcLfwJIbTaGX5-_8tDiNM819EyZFmj7H_BGBNpSqN9LcJxOmQu8loIORdyGJAFimNmrMsc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYV6UybECwxSnnbrLIZDuCaXlbc3_oMPDNhjLATmwRd15VMwptaU7T4gOgIZ7mgdFMLV10RuxktVRIyAhcLfwJIbTaGX5-_8tDiNM819EyZFmj7H_BGBNpSqN9LcJxOmQu8loIORdyGJAFimNmrMsc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAxe8yXg2e2S_qyObQazNQ&google_cver=1&google_push=ASkJ3FYV6UybECwxSnnbrLIZDuCaXlbc3_oMPDNhjLATmwRd15VMwptaU7T4gOgIZ7mgdFMLV10RuxktVRIyAhcLfwJIbTaGX5-_8tDiNM819EyZFmj7H_BGBNpSqN9LcJxOmQu8loIORdyGJAFimNmrMsc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYV6UybECwxSnnbrLIZDuCaXlbc3_oMPDNhjLATmwRd15VMwptaU7T4gOgIZ7mgdFMLV10RuxktVRIyAhcLfwJIbTaGX5-_8tDiNM819EyZFmj7H_BGBNpSqN9LcJxOmQu8loIORdyGJAFimNmrMsc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 294
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEL-zakWC_edWHs5Fkk1g5A4&google_cver=1&google_push=ASkJ3FYv0K1tV4NVOtwGXZwPJ_mVxaKuasb2ebVJT--oLoF_sHflB4P27aYDMJlJMdlzIoozk9o3oFW_m3lj6kto-r9PsusXaMWbiXAy38RIUFeM9fys2PMXhOmx8Z1N9t9KuI6ovajeMIhKbok4I8tqSQI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTJ6bnQ4Q281dWdBQVA1OVJwd0FBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESELnx1uoYl1RD4iXniB_lhjQ&google_cver=1
Request Chain 295
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEBGEH6bMZjxV_DbrBp2TPv8&google_cver=1&google_push=ASkJ3FZK8GdLUqKWLYVBKz5gpH9q6v3_8_K5JaBa2Nzj2bU5QKmJAOTTSXPvDqGJziX2ILOpKxr28Qw7uFLQqqeomcnfTsYv79rcOCWmpgO8O6BMyHoqUgqajkWdczPD4h42k73plTYlvUhM3fuLZRrWHWc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FZK8GdLUqKWLYVBKz5gpH9q6v3_8_K5JaBa2Nzj2bU5QKmJAOTTSXPvDqGJziX2ILOpKxr28Qw7uFLQqqeomcnfTsYv79rcOCWmpgO8O6BMyHoqUgqajkWdczPD4h42k73plTYlvUhM3fuLZRrWHWc&google_hm=US1xTWhwc3BRcEhXb0VyNldMcDctcEFxNHFr&from_google=sp1
Request Chain 296
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEKc7vx2Xf-jSURGIt5N4xAY&google_cver=1&google_push=ASkJ3Fab9YSFt7tQg6vGNKs6w21lgHtMmX1SyEYIpBWkoRZnD-FqPCNxRIhy8ZFI5w-LrY26WOBnX-A2N-EPIusHRXm4LUN56LymL6aE352jnSojStlkyxgvTqHQ7j0e3KJxP7bldInjXY957CpmLZpuwNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ASkJ3Fab9YSFt7tQg6vGNKs6w21lgHtMmX1SyEYIpBWkoRZnD-FqPCNxRIhy8ZFI5w-LrY26WOBnX-A2N-EPIusHRXm4LUN56LymL6aE352jnSojStlkyxgvTqHQ7j0e3KJxP7bldInjXY957CpmLZpuwNw&google_hm=NTFPQnhwMDBtQkRHYTAwN1V2dW4
Request Chain 297
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEGvrIcKp4zjn9iUfzawSysM&google_cver=1&google_push=ASkJ3FbIX-IRQ5zAigu06qji3cr3eo7rpv_9xFXS6qExXRpGNwhOJzaCUHJd81pZR3tviXdAM8dtsuXrAdTzzXWWGct9Rq9mapKE4dvv3aIt6I8K9UWDxdIsssazbkRHPgUqYpp2iePg4JiYUBiz9pgFYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FbIX-IRQ5zAigu06qji3cr3eo7rpv_9xFXS6qExXRpGNwhOJzaCUHJd81pZR3tviXdAM8dtsuXrAdTzzXWWGct9Rq9mapKE4dvv3aIt6I8K9UWDxdIsssazbkRHPgUqYpp2iePg4JiYUBiz9pgFYg&google_hm=AcJaq9PiakosnHLcgtA6Qrc
Request Chain 298
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMOp_FbrRg5rz7tq5YCMjZU&google_cver=1&google_push=ASkJ3FbmFlx5sB8P_i2pa15G4UP1hnrnGNQ0ec8S3byknD0L-yzgDlUPrbefCVUzX3RvjXKdBFYoez2TN_CNsFmOyIzjZ9pst4PFijVyCNZbhTE0bZWULQC6FvOxRzUECIGG2xjJqnDuncoOWFZCXxLGGRw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbmFlx5sB8P_i2pa15G4UP1hnrnGNQ0ec8S3byknD0L-yzgDlUPrbefCVUzX3RvjXKdBFYoez2TN_CNsFmOyIzjZ9pst4PFijVyCNZbhTE0bZWULQC6FvOxRzUECIGG2xjJqnDuncoOWFZCXxLGGRw&google_hm=ZzEwMjE1MzBjY2M3MTk5YjYxN2Y=
Request Chain 299
  • https://sync.inmobi.com/gob?google_gid=CAESEGysZkhCXRUGS2RVsILLwSs&google_cver=1&google_push=ASkJ3FZ_GT67FSkN8LLetRP-1dzb7StDbTiYp-Lf8n_AHpKhPT9Mn38Vm5wqkfvQ5YRegDi479rMhrPwto3v7wjHuaBNjjW7LqIFqAv2tWs2z9whH0j-D_m6R9lKOzqOirxdvXdzbVZYsyPsQWCe7nnjIBUl HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FZ_GT67FSkN8LLetRP-1dzb7StDbTiYp-Lf8n_AHpKhPT9Mn38Vm5wqkfvQ5YRegDi479rMhrPwto3v7wjHuaBNjjW7LqIFqAv2tWs2z9whH0j-D_m6R9lKOzqOirxdvXdzbVZYsyPsQWCe7nnjIBUl HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOLn6TKfm_i7VlViX1WQnXOL4dkGKAsIi8au9YBA&google_push=ASkJ3FZ_GT67FSkN8LLetRP-1dzb7StDbTiYp-Lf8n_AHpKhPT9Mn38Vm5wqkfvQ5YRegDi479rMhrPwto3v7wjHuaBNjjW7LqIFqAv2tWs2z9whH0j-D_m6R9lKOzqOirxdvXdzbVZYsyPsQWCe7nnjIBUl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=8daVGgcg74ew2DpgNgR3&google_push=ASkJ3FZ_GT67FSkN8LLetRP-1dzb7StDbTiYp-Lf8n_AHpKhPT9Mn38Vm5wqkfvQ5YRegDi479rMhrPwto3v7wjHuaBNjjW7LqIFqAv2tWs2z9whH0j-D_m6R9lKOzqOirxdvXdzbVZYsyPsQWCe7nnjIBUl&google_nid=inmobi_new_eb
Request Chain 317
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECVriGTw6VI_DpXDLSBnnAQ&google_cver=1&google_push=ASkJ3FbA9FcOAQMwAyKBlJffeTedvBKFKmYeIiNPzmBM7xwUf18VF6OuUuc8X6HCDkcYSBG3LdDTsNNA1aOqrW0NUN2fGhzNSmBnEB_SJL78xSZi8z9RNnC3tdmZjiuqght7yLW6hBZ0sZaV6bcjqCV8WdU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECVriGTw6VI_DpXDLSBnnAQ&google_push=ASkJ3FbA9FcOAQMwAyKBlJffeTedvBKFKmYeIiNPzmBM7xwUf18VF6OuUuc8X6HCDkcYSBG3LdDTsNNA1aOqrW0NUN2fGhzNSmBnEB_SJL78xSZi8z9RNnC3tdmZjiuqght7yLW6hBZ0sZaV6bcjqCV8WdU
Request Chain 318
  • https://um.simpli.fi/gp_match?google_gid=CAESEH19qq_eDb8wx8YBicdQRZU&google_cver=1&google_push=ASkJ3FbACSStV2hweecY7FzmTN0Tq-a9s0W8HX21Kbe2pEBTFVKp4cAnXXQEx7H9XHDKAy_umanuKibHzyc7Lu_EQpLhIH_xEhbupPwtcqUxsIBoyOjIK_1LRbdmJbxFBo_Vr7aWnzJ4Cn2reh1zhHHhiaw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92A6B737A16741888CE33D46A33B58A8&google_push=ASkJ3FbACSStV2hweecY7FzmTN0Tq-a9s0W8HX21Kbe2pEBTFVKp4cAnXXQEx7H9XHDKAy_umanuKibHzyc7Lu_EQpLhIH_xEhbupPwtcqUxsIBoyOjIK_1LRbdmJbxFBo_Vr7aWnzJ4Cn2reh1zhHHhiaw
Request Chain 319
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE6dIyEH7Zl5dpuPJiS1N8w&google_cver=1&google_push=ASkJ3FbsP7bPWyqoZaetdbxX8qbzOWkZmq8j6uC4tJt7mTr5BzXyTQn8i6JuZlkwAZx-aJNimDBB5G6o-QDF_EJqp_ZDVntUBjTAMtqw-26ZCH4dCSYqHurOKxXrC214KVxF4EKIwrcL9cjbzzoOHG5dJw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FbsP7bPWyqoZaetdbxX8qbzOWkZmq8j6uC4tJt7mTr5BzXyTQn8i6JuZlkwAZx-aJNimDBB5G6o-QDF_EJqp_ZDVntUBjTAMtqw-26ZCH4dCSYqHurOKxXrC214KVxF4EKIwrcL9cjbzzoOHG5dJw&google_hm=hmNs57ZzdhKWYttoJQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D636CE7B67376129662DB6825BLIS
Request Chain 320
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPbCNeQip84T7hFaCpdkFmg&google_cver=1&google_push=ASkJ3FZBX-NRaKh0J2wFEYLRUEpACzIBK9JSWlIPa1GetjUWTMn5JvqDnkxvxvq-hfCG6xJbHbrMIUksnY2Ax2H24okMo3aavYcvrNsk_a8waAxVw8KhIoxRAMFx1NLdaFM5xCJM49vDuBE3a8ZMpZRn1Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZBX-NRaKh0J2wFEYLRUEpACzIBK9JSWlIPa1GetjUWTMn5JvqDnkxvxvq-hfCG6xJbHbrMIUksnY2Ax2H24okMo3aavYcvrNsk_a8waAxVw8KhIoxRAMFx1NLdaFM5xCJM49vDuBE3a8ZMpZRn1Q&google_hm=NTU1ODM5Mjg3Njc5NDY3MzIzMw%3D%3D
Request Chain 321
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFEIEqNlputElwdQ9vQWGMI&google_cver=1&google_push=ASkJ3FaZunRoXuR2Bmsi8SP6Kv7SzLv0Zkhf9zBv7D4bCo-m_lxexOU60kHT_I8VZhO-_LFZu2s3xjgQtHJ9ux6W-ygGFX2CXzRaAQ3GZvMpN8jEoo5yM_JWB-FVBB_21Yi0nP8B-FEkrwOlI73C8ELhZA HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FaZunRoXuR2Bmsi8SP6Kv7SzLv0Zkhf9zBv7D4bCo-m_lxexOU60kHT_I8VZhO-_LFZu2s3xjgQtHJ9ux6W-ygGFX2CXzRaAQ3GZvMpN8jEoo5yM_JWB-FVBB_21Yi0nP8B-FEkrwOlI73C8ELhZA&google_gid=CAESEFEIEqNlputElwdQ9vQWGMI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE0ODgxMjE5MDE4MTc4NzA1MjYzNg%3D%3D&google_push=ASkJ3FaZunRoXuR2Bmsi8SP6Kv7SzLv0Zkhf9zBv7D4bCo-m_lxexOU60kHT_I8VZhO-_LFZu2s3xjgQtHJ9ux6W-ygGFX2CXzRaAQ3GZvMpN8jEoo5yM_JWB-FVBB_21Yi0nP8B-FEkrwOlI73C8ELhZA
Request Chain 322
  • https://cs.media.net/cksync?type=g&google_gid=CAESEIXo9g2Zut3TPDIIhBiZD90&google_cver=1&google_push=ASkJ3FZ-CGb2JRvkeJLVDk29davsx_l8qywDyiaujsEYnt6LxaamyZE4Maz503Njcy1ButMW7s5kJgVlOSgaPnB66l1o2nZbgB-E2_VuA1wLbGAqhYRSGQ8FQED9LRSbWo0lqZ2GLognTESPRN6LDm1GaPk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExMDgzMTkxNzQ0MzY3NjAwMFYxMA%3d%3d&mn_hm=MzExMDgzMTkxNzQ0MzY3NjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZ-CGb2JRvkeJLVDk29davsx_l8qywDyiaujsEYnt6LxaamyZE4Maz503Njcy1ButMW7s5kJgVlOSgaPnB66l1o2nZbgB-E2_VuA1wLbGAqhYRSGQ8FQED9LRSbWo0lqZ2GLognTESPRN6LDm1GaPk&gdpr=&gdpr_consent=
Request Chain 323
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FYAAmPxEFHkmUZA2ZZebz-CgvXxed6FnNwOkI7QE8FGCPADep92MPRVdeW02EJT7PyewlBAENigf0ITd_WNBZRkd7OqVnErq7GpPAwZfTG-okb0tBNQxVg9jdRzTkQwfWrctBfj1PVbQt7OkKZ1sf_2?google_gid=CAESEDD12pn8wzgxNZ8JCTp2Nro&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&&google_push=ASkJ3FYAAmPxEFHkmUZA2ZZebz-CgvXxed6FnNwOkI7QE8FGCPADep92MPRVdeW02EJT7PyewlBAENigf0ITd_WNBZRkd7OqVnErq7GpPAwZfTG-okb0tBNQxVg9jdRzTkQwfWrctBfj1PVbQt7OkKZ1sf_2
Request Chain 352
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 362
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3086834813664652045&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 363
  • https://match.adsrvr.org/track/cmf/openx?oxid=24c52c87-2417-7879-f115-7b2f012fb54d&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=24c52c87-2417-7879-f115-7b2f012fb54d&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&ttd_puid=24c52c87-2417-7879-f115-7b2f012fb54d&gdpr=0&gdpr_consent=
Request Chain 364
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2znt8Co5ugAAP59RpwAAAAA
Request Chain 365
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVXjHOzSOeL3ks8ADv76QE3QyM8AAAGEYWko6A
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDFjlqrmMEaO_rsOTOkI_F8&google_cver=1
Request Chain 368
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=1&gdpr_consent=
Request Chain 370
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5268817596216608719
Request Chain 372
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGFpJr_EvY84Y1jjUU0zYOGOkP-VV0GF6w
Request Chain 374
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCLjPs5sGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 375
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eaQbPb9yXdK4JcpZRPbBxLhCRzf1x5MW5uP0wW42AVs
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMH1BFQdQGohpwm8tkW6CAs&google_cver=1
Request Chain 379
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=
Request Chain 382
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&dongle=0cfd
Request Chain 383
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk0MTc3NjU3MjE5NzE4NzUwOTQ4OQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKXOb8d7kZbVKb6fl2QGC0s&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 385
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk0MTc3NjU3MjE5NzE4NzUwOTQ4OQ%3D%3D
Request Chain 386
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3941776572197187509489&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3941776572197187509489&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a3d9308c-d702-430f-bccc-da6abfdd182b&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a3d9308c-d702-430f-bccc-da6abfdd182b&_noobservation=1&_expected_cookie=044854d6e64ba43ed3d2455940739e4e
Request Chain 387
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3941776572197187509489&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d5fd2c13-9351-405b-a8d8-4842d40520de&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=726ed447-99f2-412c-b05e-af3246a31eb6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 388
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3941776572197187509489?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rzECfdlE2oSt7m9uD7ZG5bTb9TkfDvnPxJiJ9WzIDg--~A&dongle=0883
Request Chain 389
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3941776572197187509489 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3941776572197187509489&dcc=t
Request Chain 391
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5268817596216608719&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED9OupTgtWk7fqBkhmkimSU&google_cver=1
Request Chain 402
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&dcc=t
Request Chain 403
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&expiration=1670673592&gdpr=0&gdpr_consent=
Request Chain 404
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5268817596216608719
Request Chain 405
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=M3T2fVLYPT3xfyum3JlZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TJTKQZGMVSMLFIFIM3YMZ4XK3JTJJWFU HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TJTKQZGMVSMLFIFIM3YMZ4XK3JTJJWFU HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=M3T2fVLYPT3xfyum3JlZ
Request Chain 406
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5268817596216608719
Request Chain 408
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2zntwAHCQ8i2QAO
Request Chain 411
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 412
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Drkt%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110831917443676000V10&type=rkt&refUrl=&vid=80815922343110831917443676000V10&ovsid=1972928490934502827
Request Chain 414
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dapx%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=apx&refUrl=&vid=80815922343110831917443676000V10&ovsid=5268817596216608719
Request Chain 415
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dopx%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110831917443676000V10&type=opx&refUrl=&vid=80815922343110831917443676000V10&ovsid=ece94518-8f17-4299-925a-0541b3c02791
Request Chain 416
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dmma%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=mma&refUrl=&vid=80815922343110831917443676000V10&ovsid=9fec636c-e7b6-4900-95eb-292c64b1d1d7
Request Chain 417
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dr1%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dr1%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3D%5BRX_UUID%5D&cb=1668081593145 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=226185385 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dr1%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DRX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
Request Chain 418
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=dxu&refUrl=&vid=80815922343110831917443676000V10&ovsid=S4TmoWoO1OT6dP5
Request Chain 420
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=726ed447-99f2-412c-b05e-af3246a31eb6&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522238326756569765&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522238326756569765&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=755914e5-0f48-4956-8b26-13cf51e1f6b0&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522238326756569765&ssp=medianet&gdpr=0&gdpr_consent=
Request Chain 421
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dzem%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=QQl5j8PC9D2QFXCkfpjq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKRKFWDK2RYKBBTSRBSKFDFQQ3LMZYGU4JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DAOBRGU4TEMRTGQZTCMJQHAZTCOJRG42DIMZWG43DAMBQKYYTAJTWONUWIPJTGEYTAOBTGE4TCNZUGQZTMNZWGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKRKFWDK2RYKBBTSRBSKFDFQQ3LMZYGU4JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DAOBRGU4TEMRTGQZTCMJQHAZTCOJRG42DIMZWG43DAMBQKYYTAJTWONUWIPJTGEYTAOBTGE4TCNZUGQZTMNZWGAYDAVRRGA
Request Chain 422
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3110831917443676000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3110831917443676000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=fd967afe-d045-48c6-92de-17bc98f44411&cs=1
Request Chain 424
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
Request Chain 431
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCMFBJRUYtMU8tTFE0RA==
Request Chain 432
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAYMdpTumuSa0lSlg9R4--Q&google_cver=1
Request Chain 433
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwYmFmYjUwNmQ0NTlmZGQyNDBiNDE5ZDUyMmUwYzgxNTc1ZTJmOA
Request Chain 434
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAB0PIEF-1O-LQ4D
Request Chain 435
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/UTW7Luge3__gnX1IkzRGRsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5558392876794673233
Request Chain 436
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-Mc76GyKTgOjOYtNPtiblA&rk=usync-other
Request Chain 437
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MFOOH1ibRN6lHH6ujMypIA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MFOOH1ibRN6lHH6ujMypIA
Request Chain 438
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=&expires=30
Request Chain 443
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 445
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5268817596216608719
Request Chain 446
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FoLPERZHj52U3WTTTNanIO2H
Request Chain 447
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FoLPDLZH3bsTBgKSQQuqr85R
Request Chain 448
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668081593145 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3323676669 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dr1%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DRX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
Request Chain 449
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1917759394694553746
Request Chain 451
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3866%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D22d39604-5410-4628-b3e4-bafb6793a5fd%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/3866?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=22d39604-5410-4628-b3e4-bafb6793a5fd&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=5268817596216608719 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3866%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D22d39604-5410-4628-b3e4-bafb6793a5fd%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Request Chain 452
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
Request Chain 453
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtM2I0MTRhMmUtMmExNS0zNmMxLWI5OWQtMDg4ZDQ5YzIyMjFlMgEGOAE=%26buyeruid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F22053%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D22d39604-5410-4628-b3e4-bafb6793a5fd%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/1/22053?gdpr=0&gdpr_consent=&us_privacy=&A=22d39604-5410-4628-b3e4-bafb6793a5fd&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nRUdPQUU9JmJ1eWVydWlkPQ%3D%3D&uid=Y2zntpX8d22C7tHk7dTWjAAA%264894
Request Chain 454
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
Request Chain 465
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB
Request Chain 466
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAOVRk7G2c8AACFDjQ7ocA&expiration=1669291194
Request Chain 467
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fec636c-e7b6-4900-95eb-292c64b1d1d7
Request Chain 468
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=TEss4x9PeLNXHHm0H0834UNAeeNXGy25Hx7dbk1v
Request Chain 469
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3086834813664652045
Request Chain 470
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=085b220419038e9163f4f0cb&expiration=[EXPIRATION]
Request Chain 471
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&dcc=t
Request Chain 473
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGFpK3oBvIlqBfqMeqUoqStqSPdgASIv9w
Request Chain 475
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=0&gdpr_consent=
Request Chain 476
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LAB0PIEF-1O-LQ4D&gdpr=0
Request Chain 477
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5268817596216608719
Request Chain 479
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=5311625886874947398
Request Chain 480
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zsqQdgl_mdZeUD76_aPH-BVLBHFd7pYzsM0ipUWMmNg
Request Chain 481
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUI4OUEzRDEtRjREOC00NzgwLTlGRUItRDU1MzI1MUI2ODQ4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Request Chain 482
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMH1BFQdQGohpwm8tkW6CAs&google_cver=1
Request Chain 483
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
Request Chain 484
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=
Request Chain 485
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=726ed447-99f2-412c-b05e-af3246a31eb6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171249737&expires=5 HTTP 302
  • https://sync.teads.tv/um?eid=20&uid=726ed447-99f2-412c-b05e-af3246a31eb6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 489
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=9geUITQ3mV6RMiyD66rOsdVyA
Request Chain 490
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=IZVa23vh6Ef2RuPAQcOj&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5JFNFMYJSGN3GQNSFMYZFE5KQIFIWGT3K&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5JFNFMYJSGN3GQNSFMYZFE5KQIFIWGT3K
Request Chain 491
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=ODE1NTMxNTcyMjkwNzIxMzQ=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEB1uJnKwQo46u-2IA0s3170&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 492
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=gNv5RdPfrRWbjKwS09_iR4_QrEWbi_gf044ZX_97
Request Chain 495
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5268817596216608719
Request Chain 496
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_8e7044ff-a795-445b-9f5a-86c8ef7e9cf2&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=726ed447-99f2-412c-b05e-af3246a31eb6 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=726ed447-99f2-412c-b05e-af3246a31eb6
Request Chain 497
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-93bc378b-df8f-46d7-64eb-bd3e933d7953$ip$116.90.74.196
Request Chain 498
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_8e7044ff-a795-445b-9f5a-86c8ef7e9cf2&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=mnwKITnnwMYqdSjqabcF&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23LOO5FUSVDONZ3U2WLRMRJWU4LBMJRUMJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23LOO5FUSVDONZ3U2WLRMRJWU4LBMJRUMJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mnwKITnnwMYqdSjqabcF&us_privacy=1---
Request Chain 499
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1668081593491 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=780831010 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
Request Chain 500
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=7lVctOWxxRJo&ev=1&pid=558355
Request Chain 501
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28oxKLqhFzJL7PUSEH9XCs3BkSlfOrsOR8-PdSPztg7Zi5JXcKxkN84Wad6_QoaP8Y%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28oxKLqhFzJL7PUSEH9XCs3BkSlfOrsOR8-PdSPztg7Zi5JXcKxkN84Wad6_QoaP8Y%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_8e7044ff-a795-445b-9f5a-86c8ef7e9cf2&obuid=ENC(oxKLqhFzJL7PUSEH9XCs3BkSlfOrsOR8-PdSPztg7Zi5JXcKxkN84Wad6_QoaP8Y)
Request Chain 502
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=d3f888f7-0c02-402f-966e-6bc2c97fb40b
Request Chain 503
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-bw88tDxE2pfXAzA_UdsX9SmMR2qc_zyCqQfP~A
Request Chain 504
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=2e332aa3-4fdd-4524-b495-8998e0874392
Request Chain 507
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=e8122a17-f734-491b-9cbe-2b5f2c1523d8
Request Chain 508
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=81553157229072134
Request Chain 511
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
Request Chain 512
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=0&gdpr_consent=
Request Chain 513
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y2zntwAHCQ8i2QAO&gdpr=0&gdpr_consent=
Request Chain 516
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y2znt8Co5ugAAP59RpwAAAAA
Request Chain 518
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y2zntpX8d22C7tHk7dTWjAAA%264894
Request Chain 519
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=sh4mXtEJvgo169K6UtYw&pi=gumgum&tc=1
Request Chain 520
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 522
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LAB0PIEF-1O-LQ4D HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAB0PIEF-1O-LQ4D
Request Chain 527
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 528
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2zntwAHCQ8i2QAO&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 529
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xrgnv70ycuo HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 530
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CmmJhFlt3dQRPtzTWW2ShgVi3IQROYjeWTyobY4X HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Request Chain 531
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5268817596216608719&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Request Chain 533
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3s9OYmxLQyt3HO7y9fI7qnRaSsQ
Request Chain 535
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Smy2IJSrDWOUslVos-dsYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Request Chain 536
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=5cd34a27133544ca83df1e7ff01312d1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 539
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:S4TmoWoO1OT6dP5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 541
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7824538253 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
Request Chain 546
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kODejRB9SwOj7oqZge9-vw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 547
  • https://idsync.rlcdn.com/420486.gif?partner_uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=cd504a75403f5e99a88e793416ab09c0cb6d316e88876dd14717b1eab8d5f114791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBjZDUwNGE3NTQwM2Y1ZTk5YTg4ZTc5MzQxNmFiMDljMGNiNmQzMTZlODg4NzZkZDE0NzE3YjFlYWI4ZDVmMTE0NzkxNDI2YjU0MTdkY2UyMRAAGgwIus-zmwYSBAgCEABCAEoA
Request Chain 548
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9fec636c-e7b6-4900-95eb-292c64b1d1d7
Request Chain 549
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTBFMERFOEQtMTA3RC00QjAzLUEzRUUtOEE5OTgxRUY3RUJG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Request Chain 550
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKwxadLwJAZi2nWX8yNhpjA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Request Chain 551
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:92A6B737A16741888CE33D46A33B58A8 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Request Chain 553
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 554
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4307815592895647751 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 555
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d5fd2c13-9351-405b-a8d8-4842d40520de&ssp=pubmatic
Request Chain 556
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Xj5U93NE2uXGbE.qwBUBKKsxmgCQKkw-~A&gdpr=0&gdpr_consent=
Request Chain 557
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3086834813664652045&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 558
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5268817596216608719 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 559
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=157887a089322062&is_secure=true&networkId=17100&version=1&nuid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF&gdpr=0&gdpr_consent=
Request Chain 567
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LAB0PIEF-1O-LQ4D HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LAB0PIEF-1O-LQ4D

585 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
www.bg3.co/a/ 		51 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
340bfbdf380cc93c957cdc41afd82b19a8ac39137de60e1e5058130823acbc60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 10 Nov 2022 11:59:39 GMT
ETag
"cca1-dyAoKWXMNa50kYkr+ynaykofs9s"
Expires
Thu, 10 Nov 2022 12:59:39 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
188e573bf1e6355ef4c477989d3871b5bad7e45ac71628ad3a3139284b1e0229
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 11:59:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72561
x-xss-protection
0
server
sffe
etag
"8c5dc74afc4fee5e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 11:59:40 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
2a6b050dfbee40d9b3dec339c654771ddd057faa8cec3cb3ae9b5b03be10f50f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 11:59:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9659
x-xss-protection
0
server
sffe
etag
"4254571f41355952"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 11:59:40 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ec587886fb7850e267d7d17b2c4611caa8b798b95fbacf7a3a6b77f42c848c65
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 11:59:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
server
sffe
etag
"39279299a806cd29"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 11:59:40 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
c3e473d479b570c98cb31c0e98bb2d7ae6284dbfd0e2631bfa4718b9157fdf8d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 11:59:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31984
x-xss-protection
0
server
sffe
etag
"1fa26b097e24ff6d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 11:59:40 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
843
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44539
last-modified
Thu, 27 Oct 2022 03:15:18 GMT
server
cloudflare
etag
"6359f7c6-adfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=668BhMWmETk45oGvV0F0l%2BuW7PLKECuUDDVAXKjtFQn4nKw5yZsfwEWmfGsq9Wv2bm04CCoCr%2FEYIAFC5aaB0B%2F19GxhyKAwuLf1CIXtuXURguyHAACAYhDMxI9%2B8EIT4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
767e9f990e81a967-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 11:59:40 GMT
content-encoding
br
last-modified
Thu, 10 Nov 2022 07:00:33 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=8
x-cf-geodata
NZ
content-length
9035
expires
Thu, 10 Nov 2022 12:59:40 GMT
adpushup.js
cdn.adpushup.com/42753/ 		867 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 11:59:40 GMT
content-encoding
br
last-modified
Thu, 03 Nov 2022 17:05:29 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
x-cf-geodata
NZ
content-length
194623
expires
Thu, 10 Nov 2022 12:59:40 GMT
50b5e9ed53fe23d53d20754a141d8986.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/50b5e9ed53fe23d53d20754a141d8986.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
17b6af381326850d4e6c8dfd55ed2424.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/17b6af381326850d4e6c8dfd55ed2424.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
98133df26070e5ac3de866674c620413.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/98133df26070e5ac3de866674c620413.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4e1141951e6b15fd167a99eb3d56153a.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4e1141951e6b15fd167a99eb3d56153a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b3a56a0b9269b847f35d2d92cbe62651.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b3a56a0b9269b847f35d2d92cbe62651.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3b6e525b788406b1a1871637f0640459.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/3b6e525b788406b1a1871637f0640459.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a50a6e93c3e7e522b8c304c8b36c79d2.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a50a6e93c3e7e522b8c304c8b36c79d2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
34faec0f7c7deb3fdb5d7b9f6cdb98a7.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/34faec0f7c7deb3fdb5d7b9f6cdb98a7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e2d94e1a37c3cabbdd966ce2cce3c33a.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e2d94e1a37c3cabbdd966ce2cce3c33a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e993dbd1e8669aab0f48e752c78084d3.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e993dbd1e8669aab0f48e752c78084d3.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a028490a79d92d01b8f584b1df0dbbc5.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a028490a79d92d01b8f584b1df0dbbc5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
620e77af52328fe2c2d3c3d6650b4e53.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/620e77af52328fe2c2d3c3d6650b4e53.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a796f194bcdbb6c7f6878bd0c5fc78bb.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a796f194bcdbb6c7f6878bd0c5fc78bb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ff8be0fc1a61f7171e6b87cd15e37f6a.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ff8be0fc1a61f7171e6b87cd15e37f6a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b1e72afec2eea3bf8449208005d1d184.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/b1e72afec2eea3bf8449208005d1d184.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0e43d0838afb8375335f0e0fb5e6e25d.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0e43d0838afb8375335f0e0fb5e6e25d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
fda78dd6d350cd0f3175f0b9f88accd05c1a821199d84b63d9680553d501bc1f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:52:52 GMT
age
76010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2997
x-xss-protection
0
server
sffe
etag
"b5d6bb1d52a8f322"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:52:52 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
3c1886ac9867da46d6c05ca1a0df4d0634b055826d142b12387e0b4fb483ae39
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:15:56 GMT
age
74626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23047
x-xss-protection
0
server
sffe
etag
"ba2717cd44fdea30"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:15:56 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		2 KB
894 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
89a3cd86231932c1f0588ac9327257c7e7102f9a4252fcaa4ad2269c486a53b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
9d10843b73211d37c1e21416b91114de626394eec8fdfd3ee51ad4de8de89107
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:52:53 GMT
age
76009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3863
x-xss-protection
0
server
sffe
etag
"409244e9f59114f0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:52:53 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:43 GMT
content-encoding
gzip
x-sp-metadata
HS256.CL/rs5sGEogBCiRlMDgyZmFhOC1lZTc1LTQxZDAtYWVlYi1mNzRhOGNjOTRlOTcQ6JCNkN3O+gIaBgivz7ObBiINMTE2LjkwLjc0LjE5NiiwwQMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDcwNTQwN2Y4LWFlNDktNDVjMC1iYjNlLTg5NTk2N2ZkODZmMBi46QE=.yUbBm/dauBPCS+9MWNVgMRuRTL5XD+3Ovsn3xNwNTAY=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1668081583.dop059.la3.t,1668081583.cds239.la3.hn,1668081583.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
641 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3457
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V42m1S2AYCQXBIo0I5CYAw48SNe2SDlmogYhBuYPkatscrDttzZ%2FmmI5XiqE5WXO3GBoJDb8ZnkXmFCvsL%2BOtQaa4Z%2B0K%2F%2Fot7hQ1xxLtOJEfpj0ewYb7ghttETA3M6WKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
767e9f9ae89fa967-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:42 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:42 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		412 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.3622205603161204&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:42 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
412
ad_request
ads.aralego.com/ 		412 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7817174158221076&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:41 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
412
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
92ed147fc15d3c39f07e271e6f81abbc19e102bddfd92deea299d5b84bef38a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:02:19 GMT
age
75443
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10265
x-xss-protection
0
server
sffe
etag
"23bc4ca8e6d97223"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:02:19 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:43 GMT
content-encoding
gzip
x-sp-metadata
HS256.CL/rs5sGEogBCiQwYTA1ZjlhYi1iZWU0LTRjODItYjVlZS03ZWNjZjdlZjNiNGMQ6JCNkN3O+gIaBgivz7ObBiINMTE2LjkwLjc0LjE5NiiwwQMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGMyNzY0MTY0LThkNzktNDQyOS1iYmQ0LWQxYWI5NjhmOTUzMRib8QE=.TWLSc+aL3eYNV9UhlUKZnJbVZvS7aSYmmpO1ypbdugU=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1668081583.dop059.la3.t,1668081583.cds239.la3.hn,1668081583.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
gtag.json
cdn.ampproject.org/rtv/012210272257000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:58:26 GMT
age
75676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"0617c6e185be6e0c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:58:26 GMT
init.js
cdn.holmesmind.com/js/ Frame F497 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Thu, 10 Nov 2022 11:59:43 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
27
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
hqgO2sLICdm_cyRKYNE44bAYgm9u1jJMjRavRXrtW1oUc9myvrVasA==
init.js
cdn.holmesmind.com/js/ Frame E882 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Thu, 10 Nov 2022 11:59:43 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
27
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
uj4m1LTfQetdkwiv-1lpegip9c2b02dZcECk2OKfEBSObHfYcoPkRA==
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 5ED7 		714 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3785
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
767e9fa27875aacf-SYD
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 11:59:42 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufWpD4%2FsYMwzxzcu99GA4jZKo4wo2zBHa4B5xV07KSiFo8zu4X2Dok8T8tiPW45kKC2hjrYvNLZqF2l3iLtiA%2B586r0AdU4DP8WKua62ca%2Bp%2FHELfEbTuyP%2BV3M3GdlKsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:43 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 11D8 		714 B
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3785
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
767e9fa27876aacf-SYD
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 11:59:42 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hv%2F8sJ4Excpf8XuLRtg6TkaYJ8F2RJoQlTdm353ynFt1Dxxgt23HtzOy%2Fj7yaFJSZVANY9jUYcmAVghh3kgvUfUdrXXDBLgL%2FCO5Pvztnhtn%2Bc2aagdt6RE8BLC4%2F3jdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 11D8 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
45c2af6cf00270892b997265755b086541910d9f5192864a0903eea6b3101aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27365
x-xss-protection
0
server
sffe
etag
"1389 / 460 of 1000 / last-modified: 1668080142"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 11:59:43 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5ED7 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
d989d660e37338ede9ee8746a41f6c67bf628aeb5270ca47e93be75ef4c8d59c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27341
x-xss-protection
0
server
sffe
etag
"1389 / 327 of 1000 / last-modified: 1668080142"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 11:59:43 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 10 Nov 2022 11:59:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
7b1748e516872d3ec44b5f5dd98131d5cf81f6e1821a7a6d0f886bc28720aa23
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:56:32 GMT
age
75791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57848
x-xss-protection
0
server
sffe
etag
"223b6842b827a21f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:56:32 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=270%E8%90%AC%E5%8D%A1%E5%8F%8B%E6%B3%A8%E6%84%8F%EF%BC%81%E3%80%8C%E5%A5%BD%E5%B8%82%E5%A4%9A%E8%81%AF%E5%90%8D%E5%8D%A1%E3%80%8D%E7%A2%BA%E5%AE%9A%E6%8F%9B%E4%BA%BA%E7%99%BC%E3%80%80%E6%A5%AD%E8%80%85%E9%A6%96%E5%BA%A6%E7%99%BC%E8%81%B2%E4%BA%86%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-BHIgVAiGkraFXl475dMEqA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.4132477782092032&gjid=0.443200115857709&_r=1&a=1194&z=0.4837987885789208&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 7C70 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
21
content-length
4730
content-type
text/html
date
Thu, 10 Nov 2022 11:59:25 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
x-amz-cf-id
DGKJM1YWvJUbKVHG6spG5oySFHOzbWIwd4r2a25b4AGhBdr7Baf6Vg==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame E882 		662 B
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:43 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
40
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
sEHXkInFNhtT3L2yDNYlPxtII8Q53OpqQSO-ysKwY8Y4sXfpj22Ceg==
presetfn.js
cdn.holmesmind.com/js/ Frame E4D8 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Thu, 10 Nov 2022 11:59:26 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
18
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
IurEt5B5cqnmo2Z1YA9iviiHSFzKhqBlelX0PVA6Emv2t5FYtpRw0A==
capmapping.htm
cdn.holmesmind.com/js/ Frame 3B6B 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
21
content-length
4730
content-type
text/html
date
Thu, 10 Nov 2022 11:59:25 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
x-amz-cf-id
GFixeazCg4w4VJ-Kri-VhJgKE3F5xJch5tnsPoC4f2pn5_E7bRilpQ==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame F497 		662 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:43 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
40
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
mEn3QDoFt3-GLUJWjZWRIrRP99eye1s-oUoDbzdxo5UIyfNet-3VVQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 10C1 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Thu, 10 Nov 2022 11:59:26 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
18
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
yFFpt_9wgKQ0yBI3RI5c25GqN7PCNxUZRbl0e4jBHkrWrENTQsEPAw==
pubads_impl_2022110301.js
securepubads.g.doubleclick.net/gpt/ Frame 11D8 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131019
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 08:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Nov 2023 11:42:58 GMT
pubads_impl_2022110701.js
securepubads.g.doubleclick.net/gpt/ Frame 5ED7 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
480c6d422ac35b202cb5c0ff3e440a24c46c4d598282004216321f24544ae625
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131675
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 09:35:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Nov 2023 11:40:43 GMT
cm.php
fcm.holmesmind.com/ Frame B7A2 		39 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 11:59:44 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 7C70 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 12:09:44 GMT
cm
c.holmesmind.com/ Frame 7C70
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 10 Nov 2022 11:59:45 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-40497817543308984597.ampproject.net/2210272257000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-40497817543308984597.ampproject.net/2210272257000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Preset.js
adcdn.holmesmind.com/adserver/ Frame E4D8 		1 KB
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14006
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-87.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:54:22 GMT
content-encoding
gzip
via
1.1 e0a25dd43c42c3d534f35d394e12b204.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
322
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
x-amz-cf-id
K-2sTv3BrjSvRPyaKj33OyeFNnP_o7emZtBLV_6g6d-p_ln2hKt7mw==
cm
c.holmesmind.com/ Frame 3B6B
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 10 Nov 2022 11:59:45 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame 53D8 		332 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 11:59:54 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame 3B6B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 12:09:44 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 10C1 		1 KB
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14006
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-87.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:54:22 GMT
content-encoding
gzip
via
1.1 e0a25dd43c42c3d534f35d394e12b204.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
322
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
x-amz-cf-id
A9YyzrPzBgB5kXGYJGf5gV9kJ6cuLyY3Td7TsfbfsBIKkxXDq_seLA==
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1668081583855
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 11:59:44 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6
accept-ranges
bytes
content-length
631
expires
Thu, 10 Nov 2022 12:59:44 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 11:59:45 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=4
content-length
94168
expires
Fri, 10 Nov 2023 11:59:45 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 11:59:45 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
211
expires
Fri, 10 Nov 2023 11:59:45 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 11:59:45 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=4
content-length
17440
expires
Thu, 10 Nov 2022 12:59:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
c590106c538d6a794d33b08be9570898a47529098712f14a8f55b55f7d189f2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27363
x-xss-protection
0
server
sffe
etag
"1389 / 977 of 1000 / last-modified: 1668080062"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 11:59:44 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:45 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjgwODE1ODQxOTMsInBhY2tldElkIjoiMDAwMEE3MDEtZGE3N2M5ODYtMzg0YS00NTU3LWIyNjQtZjgyNjFjZmMzYTUzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzI3MG1vLXFpYS15b3Utemh1LXlpLWhhby1zaGktZHVvLWxpYW4tbWluZy1xaWEtcXVlLWRpbmctaHVhbi1yZW4tZmEteWUtemhlLXNob3UtZHUtZmEtc2hlbmctbGlhby5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=6155
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:45 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjgwODE1ODQxOTQsInBhY2tldElkIjoiMDAwMEE3MDEtZGE3N2M5ODYtMzg0YS00NTU3LWIyNjQtZjgyNjFjZmMzYTUzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzI3MG1vLXFpYS15b3Utemh1LXlpLWhhby1zaGktZHVvLWxpYW4tbWluZy1xaWEtcXVlLWRpbmctaHVhbi1yZW4tZmEteWUtemhlLXNob3UtZHUtZmEtc2hlbmctbGlhby5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=6155.60000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:45 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgwODE1ODQxOTQsInBhY2tldElkIjoiMDAwMEE3MDEtZGE3N2M5ODYtMzg0YS00NTU3LWIyNjQtZjgyNjFjZmMzYTUzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzI3MG1vLXFpYS15b3Utemh1LXlpLWhhby1zaGktZHVvLWxpYW4tbWluZy1xaWEtcXVlLWRpbmctaHVhbi1yZW4tZmEteWUtemhlLXNob3UtZHUtZmEtc2hlbmctbGlhby5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=6156
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:45 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
754
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Thu, 10 Nov 2022 15:59:45 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgwODE1ODQxOTksInBhY2tldElkIjoiMDAwMEE3MDEtZGE3N2M5ODYtMzg0YS00NTU3LWIyNjQtZjgyNjFjZmMzYTUzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzI3MG1vLXFpYS15b3Utemh1LXlpLWhhby1zaGktZHVvLWxpYW4tbWluZy1xaWEtcXVlLWRpbmctaHVhbi1yZW4tZmEteWUtemhlLXNob3UtZHUtZmEtc2hlbmctbGlhby5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=6160.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:45 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgwODE1ODQyMDEsInBhY2tldElkIjoiMDAwMEE3MDEtZGE3N2M5ODYtMzg0YS00NTU3LWIyNjQtZjgyNjFjZmMzYTUzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzI3MG1vLXFpYS15b3Utemh1LXlpLWhhby1zaGktZHVvLWxpYW4tbWluZy1xaWEtcXVlLWRpbmctaHVhbi1yZW4tZmEteWUtemhlLXNob3UtZHUtZmEtc2hlbmctbGlhby5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=6162.89999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:45 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7D55 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-22356909702278556805&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3069&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=475001194&ga_cid=amp-BHIgVAiGkraFXl475dMEqA&ga_hid=1194&dt=1668081583843&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&bdt=4216&dtd=573&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:45 GMT
expires
Thu, 10 Nov 2022 11:59:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 11D8 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 11D8 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 11D8 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1282009759529532&correlator=709794257128512&eid=31070787%2C21065725%2C31061690&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-39&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668081584478&lmt=1644386353&dlt=1668081582560&idt=1898&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=b7qw3pfe865j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=947531050.1668081584&ga_sid=1668081584&ga_hid=256056543&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
5359a5d1904791206d41de0e2c7b9c2ba9eab011833e2f5a474be252979c7e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
76d80a4312d81001005c23532a6c38d7.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame D2EC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://76d80a4312d81001005c23532a6c38d7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:45 GMT
expires
Fri, 10 Nov 2023 11:59:45 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
t.ssp.hinet.net/ Frame 3B6B 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
999ec0b6b043fe0c44810a1484da546db599402645b13f1d6563a70a07d4af7c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 7C70 		37 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1b918ab7ac683bfde6f789a81b77ffcaec1b7239fa1972c921e09cb5b28afe8e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
integrator.js
adservice.google.co.nz/adsid/ Frame 5ED7 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5ED7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5ED7 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1876437168037523&correlator=3810790904999064&eid=31070788&output=ldjh&gdfp_req=1&vrg=2022110701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-39&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668081584673&lmt=1644386353&dlt=1668081582567&idt=2086&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=ejrzq2bm1a61&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1468175856.1668081585&ga_sid=1668081585&ga_hid=1744909554&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
b81e2f9fd1425cfdb286de3f8c48da17b58ea35644eec07802406f73d0b410ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a3634f3cb0b4767cba36538c2be5a2c5.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame C16D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a3634f3cb0b4767cba36538c2be5a2c5.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:45 GMT
expires
Fri, 10 Nov 2023 11:59:45 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022110301.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131019
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 08:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Nov 2023 11:06:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Thu, 10 Nov 2022 11:59:45 GMT
ads.js
ad.holmesmind.com/adserver/ Frame E4D8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&n=758&o=1&d=1&b=2&ts=1&ii=2&FPCK=9750-ROQS9ww2tOvxh1bjqzgPUfC6uUJaxiQa&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6aec8ac2a7b20e7548ea318fd21f136c8e4167a99dc261562e7b8998f8c6977e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame E4D8 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:25 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
25
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
CXCF9GRhmeQ1hG1pet9s5kv4k7pauqRIsaG0xUH622JXi-ZZ9tOerw==
publishertag.js
static.criteo.net/js/ld/ Frame E4D8 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:59:46 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame E4D8 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:25 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
32
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
GXieK4oZrEI0zGqCkle23IC1TpFrDB-Y3SUCzD2mM7KGWWEY75GDTw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame E4D8 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:25 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
60
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
Y6Pnv6wNeBgVI0QKJL8nbSDAjAj2dJu4bYovGn-4yHSbsNZ8yF-LXQ==
appierV2.js
cdn.holmesmind.com/js/ Frame E4D8 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:37 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
10
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
syyhfFvlzBW_mDGrUHVHSgrZ1Qa_zrwwoS1aSTNT7yFbZcxNnAjYEg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame E4D8 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Thu, 10 Nov 2022 11:59:29 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
17
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
0jjoLl4Mn4Y4Wvwlrusfmjut1W3tKUrZVVFNO_pTQuMR1c-7n-3sGQ==
ads.js
ad.holmesmind.com/adserver/ Frame 10C1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&n=135&o=1&d=1&b=2&ts=1&ii=2&FPCK=9750-ROQS9ww2tOvxh1bjqzgPUfC6uUJaxiQa&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7ab9a81460eec19771cfeddbfbe776142581358496b394f2259ff4f4dcefbefa

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 10C1 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:25 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
25
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
_6-e7XG9zSRe1hqG7dsEcGWT-n9_0qn1H_ijE2pmLk-uXlVQAk-JrQ==
publishertag.js
static.criteo.net/js/ld/ Frame 10C1 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:59:46 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 10C1 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:25 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
32
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
vy1eenFwi8IEkuh5PiJ8ADthqAvj5jYqGF0Y7kHxvxD_H3YYVA5vxA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 10C1 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:25 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
60
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
X0R2vhSYv4oCBcH4bjuQAXmX8wO7R6Zgg-4NXonRIKF1nmLDe9xZDg==
appierV2.js
cdn.holmesmind.com/js/ Frame 10C1 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:37 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
10
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
YE_4T0vjWdCPUf0cUR52eC4c8kPp58Yn1BFtvhOmSDxgFACwnss-ng==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 10C1 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Thu, 10 Nov 2022 11:59:29 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
17
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
SdasDgVLM4aCehuarj0K3Z0GLX5i_tRM2_LzUnjIP0UEEbKKtBsuwg==
emome2
t.ssp.hinet.net/ Frame 3B6B 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=77367ad1-cdef-4fc3-ad2b-475201ec3499
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 7C70 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=e19a34cd-4cdd-4d91-822a-d2499a5b1a8b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
landing.php
fp.holmesmind.com/ Frame 541D 		332 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3016-y7NCkBQ2izDZ09Gy2eRsnPWqDI5wIyPR&CFFPCKUUID=9750-ROQS9ww2tOvxh1bjqzgPUfC6uUJaxiQa&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&maindomain=www.bg3.co
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 11:59:54 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame E4D8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 12:09:45 GMT
landing.php
fp.holmesmind.com/ Frame 1B0B 		332 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3016-y7NCkBQ2izDZ09Gy2eRsnPWqDI5wIyPR&CFFPCKUUID=9750-ROQS9ww2tOvxh1bjqzgPUfC6uUJaxiQa&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&maindomain=www.bg3.co
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 11:59:54 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame 10C1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 12:09:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 11D8 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
21cae797f98ffb57af916d8cc1240a57ba56acffca7064cf03b8a71eb7ae2610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12449
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5ED7 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
dd043f2f6b13ee8d7e7a04b0f7eaf247899d0d987a1d6dee72b56fdc447a2916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12522
x-xss-protection
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame E4D8 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 11:59:46 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 10C1 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 11:59:46 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame E4D8 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.05974936104781259
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame E4D8 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.16332285652676481
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame E4D8
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=3nSf-EMoA1qVOe02s-dsYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=3nSf-EMoA1qVOe02s-dsYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=3nSf-EMoA1qVOe02s-dsYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E4D8
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=JgxkkY6ACOavjhU7s-dsYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=JgxkkY6ACOavjhU7s-dsYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=JgxkkY6ACOavjhU7s-dsYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E4D8
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=xymqdyNfDiC048bDs-dsYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=xymqdyNfDiC048bDs-dsYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=xymqdyNfDiC048bDs-dsYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 11D8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 11:59:46 GMT
bid
ad2.apx.appier.net/v1/prebid/ Frame 10C1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Smy2IJSrDWOUslVos-dsYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Smy2IJSrDWOUslVos-dsYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Smy2IJSrDWOUslVos-dsYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 10C1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=7vHZJRumDbKqBhl3s-dsYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=7vHZJRumDbKqBhl3s-dsYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=7vHZJRumDbKqBhl3s-dsYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 10C1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=o3XC-YpdBvWgafP6s-dsYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=o3XC-YpdBvWgafP6s-dsYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=o3XC-YpdBvWgafP6s-dsYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 10C1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Wj6jd72CCZS1EhUxs-dsYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Wj6jd72CCZS1EhUxs-dsYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Wj6jd72CCZS1EhUxs-dsYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 10C1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=aindr3gNAPijndTJs-dsYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=aindr3gNAPijndTJs-dsYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=aindr3gNAPijndTJs-dsYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame 10C1 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.10510043578104566
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame 10C1 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.08469686127130727
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 11:59:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame E4D8 		36 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
75f50c261b08272f0db9cf668ef94aaf5fb2fd3bcf7f691c3b960581cd142530
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 10C1 		36 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
75f50c261b08272f0db9cf668ef94aaf5fb2fd3bcf7f691c3b960581cd142530
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5ED7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 11:59:46 GMT
emome2
t.ssp.hinet.net/ Frame E4D8 		30 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=e19a34cd-4cdd-4d91-822a-d2499a5b1a8b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 10C1 		30 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=e19a34cd-4cdd-4d91-822a-d2499a5b1a8b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame E4D8 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&n=758&o=1&d=1&b=2&ts=1&ii=2&FPCK=9750-ROQS9ww2tOvxh1bjqzgPUfC6uUJaxiQa&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:46 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
37
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
qdCYv-tDqvhCh54rHHPi3JV6UMajwQdOQYrlspqSyRkqstWeXlPeJg==
drawV2.js
cdn.holmesmind.com/js/ Frame 10C1 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&n=135&o=1&d=1&b=2&ts=1&ii=2&FPCK=9750-ROQS9ww2tOvxh1bjqzgPUfC6uUJaxiQa&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-27.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 11:59:46 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
37
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
KrcXABhzhdNrFWKX3rQlRW6h0soEaDSxansYfXbtgbL3YEnDe-gyWg==
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0d05d748e2bed6c06d43389b5ce1e231a15bbad2d5b0569106cf95249bc1ae92

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
etag
"Y8QtaFbAe6Y/4gwtHHbZIQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 17 Nov 2022 11:59:46 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221110
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eceb3b77fb85545a7deaf9b0b5a862291c6ec78d2256c5bdcd35419608d2e26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32286
x-jsd-version
1.0.1519
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"667-uUj5gf5dt/YxoDEfGr8LlrRaszc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28cPTZspp0mZIqil0fFWZYqTxQ6UcSJ2anWdocoAeSFN1S%2FXwhfpS0ws9z2pAbeNoVr%2BtBYiON3%2FgDkgoyLM9gaqe0xa4xwbjPBYG0jMhoM56cb7HQ11ZFJppgWihn1vzPA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
767e9fbcacdda801-SYD
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2d5c1c88c6c948d7508480ea94fabfc63f6c056f84ce2fa555290ebf28c39270

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 10 Nov 2022 11:59:47 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cdb
bidder.criteo.com/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=43449517674
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
adreq
ads.servenobid.com/ 		717 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=8928
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.49.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:47 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 10 Nov 2022 11:59:47 GMT
auction
tlx.3lift.com/header/ 		37 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.147.224 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-147-224.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
d7d23d3ab2ac96f03704a31fcf43f6a1bda607d4322caea23b6c8b87921cec3e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:47 GMT
content-encoding
gzip
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
10236
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22334f983f7d30384%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2240adbe858463b29%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%224350d63b772d404%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2244c1f1ec3bb42f8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f76913de-8d90-478e-abc3-b3c7650886b0%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ff0e0bba1f87dcc790b41cbdf2247e0989f0165d2d4efe3e4514ca2531b50ef

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpALN1H95wFy6x5i09V4jT%2F8jO4vR5%2B%2FgpqTL2gxWJkg8gkmTKt5F6nJcXaKEhuOv%2F2T5WmIQhLAinIPEQX7V%2FjN6oI4KM%2BfinHp9aPVLLDnZhwUK34dRGVWKZR7hmLzoORxrHen"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
767e9fbc8af5fb7c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22334f983f7d30384%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224350d63b772d404%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2244c1f1ec3bb42f8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f76913de-8d90-478e-abc3-b3c7650886b0%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ff0e0bba1f87dcc790b41cbdf2247e0989f0165d2d4efe3e4514ca2531b50ef

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25q7DNus28iQIdkFXBusubyIuR9cnt3y4KUOLIoGuNjpYNW55HO3Ohgj9HCB7bZptlzR5w7JatR3nCg5rU%2Fy6MFVw3tr1w2rwYw5btdSK%2FrzzFN4m6EIU07EvjuKPGWN9Yk685VG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
767e9fbc8af7fb7c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
926 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3a6471fa0019f76dcc734c925c544edf9608d392b40d4a26ef9244d01b7c6b24

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
167
alt-svc
clear
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4cd4c62cef16c9c1060c218f31b42d39e2cb22d2ff282cf9cfa403f4e1224acf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:47 GMT
AN-X-Request-Uuid
848c94d0-3559-4041-9aac-da79886ec166
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
379
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.245.94 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-245-94.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
efc39ee011b8d6bd9782d73457c999dd6ed2dcea0803929e04968a7baa307dbd

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:47 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.245.94 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-245-94.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c9cc37680d2bb1c1dc21bbcccecc2453d8993ecd73c646e16992fa8625202576

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:47 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.245.94 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-245-94.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
981688a9ab54df24eb8a49e339d34e635082005fb64a29e97059b4f291a3e38b

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:47 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=f76913de-8d90-478e-abc3-b3c7650886b0%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=f63741fd-1895-4544-81b4-7b6cc060ccfd%3Ba5efbef9-56f9-4208-ad25-12178f106f03%3B85b9a3f3-c837-4cb5-b0fe-654cb93c4c7a&l_pb_bid_id=5490906c564b7b7%3B55fb074e8670cce%3B565a642c63e6768&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.933138287657548
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
48e7fa596bba271c09bc91b45d8f11118823504374aff551e34c69a7627ecdca

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.168.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-168-124.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
29
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 10 Nov 2022 11:59:47 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
arj
adpushup-d.openx.net/w/1.0/ 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8e0f34dd-e649-4978-93a2-61186feea4ab%2Cc214fd42-deb4-4a26-81e0-1edae3963bb3%2Cfefb2147-594e-47e0-8d13-17f69199841d&nocache=1668081586358&pubcid=f76913de-8d90-478e-abc3-b3c7650886b0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0f783484a5c5824a2d690b304ec6934cf448a29d0572213e147fe672978e6f6c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:47 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4815
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ed47ba99-8efc-4238-b7d2-e7f27434cc5b&nocache=1668081586359&pubcid=f76913de-8d90-478e-abc3-b3c7650886b0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:46 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=18a025c5-e9fa-4de9-897f-8c8bc357488d&nocache=1668081586359&pubcid=f76913de-8d90-478e-abc3-b3c7650886b0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:46 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f3847976-8225-40ff-afdb-f3d1f1e0c31c&nocache=1668081586359&pubcid=f76913de-8d90-478e-abc3-b3c7650886b0&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:46 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cm
t.ssp.hinet.net/ Frame E4D8 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=3016-y7NCkBQ2izDZ09Gy2eRsnPWqDI5wIyPR&mp=e19a34cd-4cdd-4d91-822a-d2499a5b1a8b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
e19a34cd-4cdd-4d91-822a-d2499a5b1a8b.t.ssp.hinet.net/ Frame E4D8 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e19a34cd-4cdd-4d91-822a-d2499a5b1a8b.t.ssp.hinet.net/pixel?bd=e19a34cd-4cdd-4d91-822a-d2499a5b1a8b&t=50ef57&referrer=https%3A%2F%2Fwww.bg3.co
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
pixel
e19a34cd-4cdd-4d91-822a-d2499a5b1a8b.t.ssp.hinet.net/ Frame 10C1 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e19a34cd-4cdd-4d91-822a-d2499a5b1a8b.t.ssp.hinet.net/pixel?bd=e19a34cd-4cdd-4d91-822a-d2499a5b1a8b&t=50ef57&referrer=https%3A%2F%2Fwww.bg3.co
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 10C1 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=3016-y7NCkBQ2izDZ09Gy2eRsnPWqDI5wIyPR&mp=e19a34cd-4cdd-4d91-822a-d2499a5b1a8b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame E4D8 		177 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=32211278403
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f28ae6d64fc2b897822adde03cdf0b40bae06b2c4533d045e69e9229938190d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
cdb
bidder.criteo.com/ Frame E4D8 		177 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=16084372069
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
41f2e55756b62016e6b26d2a6765eb5c74f243c9e0bd7f3254835f714d6997cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 79D2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
79460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 13:55:27 GMT
expires
Thu, 09 Nov 2023 13:55:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DB76 		783 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
GSE /
Resource Hash
61ad68b4764fd7dd17722748665468efb0eef518b0ae7807587c944f3b7ff9c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x0o7BjlmmE74j2KSoJdOlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-x0o7BjlmmE74j2KSoJdOlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:47 GMT
expires
Thu, 10 Nov 2022 11:59:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E2DF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
79460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 13:55:27 GMT
expires
Thu, 09 Nov 2023 13:55:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B722 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
GSE /
Resource Hash
e57a4cf896194884fdb23b002e13a4650bc341d81651f5803f14b1c18f3bd6bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fhr4FscR_LXRhVRskqTJKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-fhr4FscR_LXRhVRskqTJKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:47 GMT
expires
Thu, 10 Nov 2022 11:59:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cdb
bidder.criteo.com/ Frame 10C1 		177 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=28579450268
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
8248df04ccb69bd161bda7d5abf2912054adffe61b2a70c86643e4e411dd63e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
162
cdb
bidder.criteo.com/ Frame 10C1 		177 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=81306980973
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
eb850f0aa97c25e486a535d8ed2807b3389eb407cbf2bc566cb3f177d64d580b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI4ODQ5NjhfMTY2ODA4MTU4Njg2NCIsInVzZXJJZCI6IjkyODg2Nl8xNjY4MDgxNTg2ODY0Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNTUxODQyXzE2NjgwODE1ODY4NjQiLCJwYWdlUGF0aCI6IiUyRmElMkYyNzBtby1xaWEteW91LXpodS15aS1oYW8tc2hpLWR1by1saWFuLW1pbmctcWlhLXF1ZS1kaW5nLWh1YW4tcmVuLWZhLXllLXpoZS1zaG91LWR1LWZhLXNoZW5nLWxpYW8uaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkYyNzBtby1xaWEteW91LXpodS15aS1oYW8tc2hpLWR1by1saWFuLW1pbmctcWlhLXF1ZS1kaW5nLWh1YW4tcmVuLWZhLXllLXpoZS1zaG91LWR1LWZhLXNoZW5nLWxpYW8uaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJkZXNjcmlwdGlvblBhZ2UiLCJleHBlcmltZW50UGFnZSI6dHJ1ZSwidGltZXN0YW1wIjoxNjY4MDgxNTg2ODY1fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvMjcwbW8tcWlhLXlvdS16aHUteWktaGFvLXNoaS1kdW8tbGlhbi1taW5nLXFpYS1xdWUtZGluZy1odWFuLXJlbi1mYS15ZS16aGUtc2hvdS1kdS1mYS1zaGVuZy1saWFvLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvMjcwbW8tcWlhLXlvdS16aHUteWktaGFvLXNoaS1kdW8tbGlhbi1taW5nLXFpYS1xdWUtZGluZy1odWFuLXJlbi1mYS15ZS16aGUtc2hvdS1kdS1mYS1zaGVuZy1saWFvLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=111, origin; dur=201
content-length
555
expires
Thu, 10 Nov 2022 12:59:47 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-127.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:23:55 GMT
via
1.1 bdcb0966d6e5d28eb31a406298268896.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2153
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
K5lckXsVH_XDRbdEkTnnCtGbq4iqm6QtL_Kbb3Ozc2-hs0j31YcCaA==
events
bidder.criteo.com/csm/ Frame E4D8 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1297 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
36bda3b04bf4ab6284353ade779bcd8b3eb4e245add4ca5df0ff31c25421ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40000
x-xss-protection
0
server
cafe
etag
10448708395955732672
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 11:59:47 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 79D2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 14:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 14:43:55 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 598E 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e396e37cbb706a967089f426f4705851bc6f4d3d2763e408ec27db0a1f54c664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39985
x-xss-protection
0
server
cafe
etag
4937329204176383504
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 11:59:47 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame E2DF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 14:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 14:43:55 GMT
events
bidder.criteo.com/csm/ Frame 10C1 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame E4D8 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 10C1 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 11:59:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
sodar
pagead2.googlesyndication.com/pagead/ Frame B722 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110701&jk=1876437168037523&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame DB76 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110301&jk=1282009759529532&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		223 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d79977d6666ef96957fbfb1471a5668d29e63435248588f06094e5625d36ebe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78381
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 10 Nov 2022 11:59:47 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS8yNzBtby1xaWEteW91LXpodS15aS1oYW8tc2hpLWR1by1saWFuLW1pbmctcWlhLXF1ZS1kaW5nLWh1YW4tcmVuLWZhLXllLXpoZS1zaG91LWR1LWZhLXNoZW5nLWxpYW8uaHRtbCIsInRpbWUiOjE2NjgwODE1ODc1MTl9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:47 GMT
server
nginx/1.14.0 (Ubuntu)
pixel;r=1544746682;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html;uh=e51ed67dfb8d91d...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1544746682;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-2017867598-1668081587049;pbc=f76913de-8d90-478e-abc3-b3c7650886b0;ns=0;ce=1;qjs=1;qv=ff7a2451-20221108120308;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1668081587766;tzo=0;ogl=;ses=bbab3105-f31a-4673-aea4-0d20a616bd92
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/ Frame 598E 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
7e61dcf5fa6f4ac47352e171d567b8c1c47f7d07241aecbfc06ce1b3a9a745db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119453
x-xss-protection
0
server
cafe
etag
9134654106525058754
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 11:59:48 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/ Frame 1297 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
1ac3130c49137e3c7cf968a9f78ce7437699563dc2104b629791dfe7ce744f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119046
x-xss-protection
0
server
cafe
etag
7452739962175289859
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 11:59:48 GMT
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		149 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2328200680067193&correlator=1003689767847276&eid=31070789%2C31068366&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-39&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D7428f593f175ff4%26hb_ap_bidder%3Dtriplelift%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D7761b63137d58e4%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1668081588336&lmt=1668081588&dlt=1668081579627&idt=6491&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1833622361.1668081588&ga_sid=1668081588&ga_hid=1194&ga_fc=false&ga_cid=amp-BHIgVAiGkraFXl475dMEqA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
ac7aedd5ad4b0074cf812f488d52171dece90d64bac34895eb6b8cb15604595a
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjeqZTIo_sCFQZJjwodKqsOqA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13885821050941341696/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjeqZTIo_sCFQZJjwodKqsOqA&gqi=&layout=/sadbundle/%24csp%253Der3%24/13885821050941341696/index.html
date
Thu, 10 Nov 2022 11:59:48 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42429
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame B4EF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:48 GMT
expires
Fri, 10 Nov 2023 11:59:48 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame E2DF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ontdSQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 79D2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?288vHA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=1194&cid=1833622361.1668081588&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668081588&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&dt=270%E8%90%AC%E5%8D%A1%E5%8F%8B%E6%B3%A8%E6%84%8F%EF%BC%81%E3%80%8C%E5%A5%BD%E5%B8%82%E5%A4%9A%E8%81%AF%E5%90%8D%E5%8D%A1%E3%80%8D%E7%A2%BA%E5%AE%9A%E6%8F%9B%E4%BA%BA%E7%99%BC%E3%80%80%E6%A5%AD%E8%80%85%E9%A6%96%E5%BA%A6%E7%99%BC%E8%81%B2%E4%BA%86%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 598E 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
40ec72c152e2fb0c338e2759633457f0ea89297987019e50e2cf449798847340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 598E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 598E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7CEE 		21 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
4b7c730c8bb7fb72b76d2e0094c7e002f3334c9e5222559cb323e5ca5b44780b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10691
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:49 GMT
expires
Thu, 10 Nov 2022 11:59:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 1297 		379 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
355a9bb024259a7da67bbd02e38097bc18fe12f9f824859d7a98d6c066204809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 1297 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1297 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1A82 		74 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
b0e53026fbdf31995ad876262629de4c35487aca67620064532c8a77a9abfa18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
28309
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:49 GMT
expires
Thu, 10 Nov 2022 11:59:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 6D95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:48 GMT
expires
Fri, 10 Nov 2023 11:59:48 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=10986.199999809265&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiI0YTI2NmQ2My1lYTcxLTQzYjktOWYxYS1mZDA2MDhiZTNiMmEiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWRhNzdjOTg2LTM4NGEtNDU1Ny1iMjY0LWY4MjYxY2ZjM2E1MyIsImNvdW50cnkiOiJOWiIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2ODA4MTU4OTAyNX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 11:59:49 GMT
Server
nginx/1.18.0 (Ubuntu)
container.html
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame A65F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:48 GMT
expires
Fri, 10 Nov 2023 11:59:48 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame EB8A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:48 GMT
expires
Fri, 10 Nov 2023 11:59:48 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=11022.300000190735&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiI0YTI2NmQ2My1lYTcxLTQzYjktOWYxYS1mZDA2MDhiZTNiMmEiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWRhNzdjOTg2LTM4NGEtNDU1Ny1iMjY0LWY4MjYxY2ZjM2E1MyIsImNvdW50cnkiOiJOWiIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2ODA4MTU4OTA2MX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 11:59:49 GMT
Server
nginx/1.18.0 (Ubuntu)
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=11023&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiI0YTI2NmQ2My1lYTcxLTQzYjktOWYxYS1mZDA2MDhiZTNiMmEiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwicGFja2V0SWQiOiIwMDAwQTcwMS1kYTc3Yzk4Ni0zODRhLTQ1NTctYjI2NC1mODI2MWNmYzNhNTMiLCJjb3VudHJ5IjoiTloiLCJzaXRlSWQiOjQyNzUzLCJ0aW1lU3RhbXAiOjE2NjgwODE1ODkwNjF9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 11:59:49 GMT
Server
nginx/1.18.0 (Ubuntu)
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:59:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 701E 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNV10AEphfZn8-7kfXWWzk0V3sGqaybPVhXBlGqWJwikbt-8Xra2ClDDdPtBscs2hKenkFX6vg2fTSrPvaIP8_IgSIxZBA
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6D95 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cpc90Mn81qfElmUWZwJeCpsqjyMLaPZ5tl68yArXw7dJhu6pTJLAWkUpON6P7Q1wp_Cl4vdY3klV6V1xI3LMPAIY3mVsmZGUDGNBG7DgK6mdrpyyhXqspJXqrZSf4JL_WGqHVOMLMUDLqT-xExmGnkld6uIbKiXHm9GZf4qWbnr7oqMJ4&cry=1&dbm_d=AKAmf-CgfftSevPlFFoMDQy6PNcG_3MmE-90rIwAv6B_wvSLHMH3FKY_WBvwdKQg0qtqbCR0hSL0lXkeW2goDUb14LFZ_swfQKNINo4b5_RpH59GWPZpA6Yfuw1Q77XaEq6i3EzSNZBtETkzUB_5E92Z-3mKx09KLVqNwolb9cz8EMeZsd-t5Sg7ZsJBdj_rx17rvslGKuFz0OuOCuOUH7hhZi0LIY7wR6Lq09OSTjNUeH44OJg7APRtt5mQE8rg0yKe85WKw3yQ_QKbdQlme9bDD6Y9SXExYGhJckPBj7kFaQikjwgZS5a6rIlJ8uAQ4hxYpwxp257ZrWQjsv6WA7XnnZWemSIXJ9NFHgwcTCpRF5vNfP5X4nlG2cGVmacOnLeMRgtvBA7m7YzHhxn98sJ5yGBM6XKxZVpN02V_BKT2PygSBKRUu2NP-4ypNjQGIEC_Br2r__3k7tvUnib_oPUIv_dOuomcRF3qBGZu5rZhBArJRemXsugXN39YhNRmjk-IbTPl-Bh6seZwzwsQmXh5A1z6Q3lEp_6TuQa-nklH7FMV4U77OII8jIgvfPcAi3YkBlqZdGv_pXsiY6vYiAiYwFag3RgG8UV7SCJ37cVWe1hgQvZgPvl-y2UTR9uGmIi7icVdV2RWmfz29xwfo1FjsqaeW9cNfbmL6XqDtATTOpx4MZccEy-w95HFrSExItq90sUW8VAZsGX6tiblB0bayXK0mvmpuFWyiC6So67LF-IVOS7Su8VDLw6Aj8S9wGWdtVXv5eDfbytgpYVzS1e8GjKfZYuqVXcrTuCUzkVA38daytFhVZG427mTlT-gOiYhgGv4R1jtUrb0pPg1iyUrUGYvjq0YSkguv4fAb5Q6dMUjlaX4qB9MAoeSxXY_AUgNSLxJH46LCHaF_tnDoSnM_7oSS3Fi5ufCfoVi2m5p4bN_xBKRTRka3uCRWbxE4sK9meTnEoY0tbGu_WZ_Ah4sxG_nzoemFEhPKyhnzE9Thcdt8k5JXg6VT8XW6p8CtcAr6BHdt79MQk7-1EBnO4KCvvpnrpv3lQlqDlStZE_U2jF8bnI7nuUaVE62h8FWyqx-K0avwagY_hpd66WCS_7Ew2i4mLE8BT2GYOotfxJdehEg9f5PrCaBlkXBVjd_4eKB1s4_OpgBghy_snz43HTpMwW1td1DcWkqBotg_6e0349pf7v9QTYwVWdATWBdhsuqNbtLFiO18Hhpkeg5eYoMjZGpcYVyS377UJWYfVavRIN1ly93AK1Lnym4LUdBgRL57biq9qCz5_OKQA5dhWX6YhHB-Bcu5tXt6Qo4nrDoq15S3bbrTcv1ZpX-K_zWdwinyVajLldLXj8m4RL1YP6kWhCHbiGBa0YYluVuYO0rYhJogUsfhZFCNxg4BLCeR5-oPaWKCwXWFHVTNTGq_UBT9ftKoaCqqZsJ5TvaQRAu8vGyWNARCe-50IY42vZgK0y4uKSokPd3__q3U4Rmms4fEJCAGS1npoYhze71twDbHUkV4cmjbRy0xEIILvGW3QyKH1IpG29kM2I5lhaRao9VqY2i2fu_CpGgIyUBo_L9jVyCdqoBgQ3J_g3msu3ty1jEtoTOegmIPXdMK9gQi50SuTGpavkOx7U0KDKhvXuFZZ4PhMYfMod7ftz0N8jbFhIHj5rb7bi8eOnwlBQ_SjJ4dgqvtpRw50Q6fATsHcNLIXyrvOnLahqBlRG5xAMrdnEGpwyJ3Zy71SLwTBYU2D2EAMzsrmK1zUjyXPfeY-xH2qbL_4gQmGU8xD7VuX0qh7Gc_baltagsvn0eTvyGEgrfAlu5efp7uIjt6QgPVqnlW6K54gPS6smea2B4n4WMnQIr0lfoXY_lEEVqxMOzFPF0UvyrG0M7T1Y0iOHacevBa8jCMEsyHzVc5S7fzdV63yg7Z1DHR8mmD85dDBnvLGDNa2PCRLFc-cyYpOJlEVlN-OuXR2Pi_BgcebVvO3gDWsSdgDu03E0PMW9lrzNzb4gY_vE_LwDcdRQsjsypbc87QNKS6DBx0Vp6Uv3UIw_TdhMxRwwhS7NTyG6GfB1M6YHA4c6ik1IGOGMuhl-lWUpp55mQKXw933fPOLtd8HQtQIpVpF3N-p19-oCqSlY3RvfFvsYhVNp2jECTW-WkqBuliN0PIXN7K8UcsYbRXNFDipsJXlDmHH04cpllOnJM_p4YTyc8VeCyukOaKdDpEVdUQYR0PsAUpS_UEDQBVkpX5TPVT5DSwt0tetJQbLvTOREsiRjeiqNGpOEo2rYZk2jM69X6WIVH491QU8w5xO4suBuujx8vXt2N3TRR4q9iVWLtxdWIjkVIbyrIoinGuFNurnti4UJqkgBIAHCFD-3XqAE4GdpVnvntXiDiWcoRImN0bKaLYgz-YeYTxlOV0XE0bwjKfBecIsZEOijBRDwO-GPkuHy4D_PCPucPT4Llkw9Tv-oQOKRhuJSjxh8y8gmnWwfwrHArOzafvlKLFuFrx81Ysot5F7J8RcUnOZcEDG3lGjiYANy39x0TytQpWLfMEJ3NsuP58AGdzkAr5E3NAJ3UBHHxiDbtyGxXXLFiv3iXWCFUad22Tk6fSPkNL-nzA_fnKWM8zkstl8q2faYp_5oOI5vMYZ554qXcvi8ykV5sYEsLwBE8IjsinPktJm1qyspxbyV-niiz-NF3HWloQDaOviwNTxF6hDT1qB4mNxkWFbI0TEFN9UB99fKj2g7p7qOqctZxgGbl_BYQSn9tGKlGWFH3VMn16jt4q7huADUe_xPCIF7WbV0NeyuhTSK6qdCuk1f1Jg-HjftZ75uNTxqey8mQJ8zs77VJEjY9fr1PgXwi_sSWDBa3z0hBShu6Qu0K_taicTEwYTiKb5Jlvkh0uK9ZSg9ptiugPp8fkuZGf1J-_f8cEzUZTpDrDWnPKU6TzjtRw21ul_ehVXS20hLNwODmsZ6Eu2MQ32dia49JcB1Jzlp_argTpAvN40WNsbga_hSzCDsZKVim_HllqFVf9Ok0O9su7a-stR1BxXqZ3ljqt2qem3RjYZGtcthQjMobUbU_pv4FzQtWgOEXvNcU5FopS1p7QU-FEZ6LgzoJ4eADAf9clb3qzHy72HD5JqyJQdAehhnLiM6Gq4aAegECBHQQwtSuibOtpPME-QRn5Lky6m4jCi6Hb0QcAK4arje_iy6d4THeoFIdEgwHiVhCfhzfjUt1Kjw0zQ6J9K0O8h0_g9Ig4wtZwEVFtsT42v9HWKZ8JwFSzN5ZwOLlJbKIz_b5AJh4imNAKftRoPnihz3JgMG9v1jVLX9axFDPttmlAv08Nd2gT_NrRRKNsVGWo6iYoggo5yobLt5zKyTjnD_V52_RbpXtRPdkMxP-I8U4RuRCsSrAhcaqxmMZOGzOHCtAQUbNv-wTFCrLePZXRrYytlyxYT6kmFMpfWF6fR9wBflNcl9Zg3hFQXBl8yWqx7tPwHkfAxZPO5st1QQ_ubKwnVuCY83o52wsOFBvtuu0LEcjuww&cid=CAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
c2e5ecf59c20cd885723675fc055814e6d0f839e139e24aee0b8aa359be98c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11274
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D95 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CjGxayVNIggmjuCv4zZDA-pl0rqO6nLOvEYjvgAZSDdJg1CVDP1Y2WsVpk_XC8rCpITFzI1SLxSmpAQLeNc7yesSxNFxzm0wq7-58WHPvd0qU-ejs
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 6D95 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:35:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 6D95 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:35:47 GMT
l
www.google.com/ads/measurement/ Frame 6D95 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSC3UUwVyKNifyWAq_WvzsMuakvXCcR8PJGyCw89CvxuXcnd9qX4Nk2ol_oMye4RbxVESSOIfQSGVdM3JlmW9rNsUY_fw
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D95 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 11:59:50 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/ Frame 4FFB 		166 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/index.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
efd5d702ff6a3fc55a83a8169b88378fce858743bf2e3fa228a9cab51170b884
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
213520
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
43678
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 00:41:09 GMT
expires
Wed, 08 Nov 2023 00:41:09 GMT
last-modified
Wed, 25 Nov 2020 19:47:46 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame A65F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ce8zltOdsY8i0IIaSvQSq1rrACvrFkKxt-_bHsMEQss3O29cSEAEguoTAM2Cr7LGF4BigAfGr9JYDyAEJqQKCnxr7QrejPuACAKgDAaoEuwJP0GOgRTT3JpdnrykC3ZU7s4ycXrN-hBmdZAxdwC9dGNgh9TNlM8XMtVIdWP0E8MYJPWqtC8z55hifw7I34IP0hQO6MxdcTEyF49bPnZJBDj9wUrxH8zy9Vax7MosB2k06ZCjPeKEj7kY9yY5xHe2efFEPPQri0I-z0AR6kEeYCXD02DOUCNERpGZ6rB-7rbYhfqB5z1QEhpLsxLr1Wp6C-Ua0TO74HFsXGake_cU1Wu_i_Hlt9QUpNh7OGk1UBf_0O9Mo35gT-WCUR5fuobpgbYYanm_Mao07YYpv3aB4n1Kwvgf138Azz9KPCxNv179ImPLWfVkZYPnt1XrU1KCXvCWIV07HFQ2l2_nbqzKq_bPH0pwHA8BiuklMMxFi0inEktzI_TYZUY1uSyZ9ILfrIcrzEbDaOaBqW9rABOqat97_AeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZrgAf304tpqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcEEKaxAdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=XBfwj8-vjvM&uach_m=[UACH]&cid=CAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw&template_id=531
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8874 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
3005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:09:44 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame A65F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:35:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame A65F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:35:47 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:59:50 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EB8A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CB3fwtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgSxAk_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckKk0aqyu9D2lXTMSpTIxgZHCs0VTLzGI8zUJmeZfwFjWEzoIg5mN4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=GhhFNnG8ryQ&uach_m=[UACH]&cid=CAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame EB8A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kOCGEvn1BnjYBGL4LRICAAAA-ONZtFtuTcMQtOdsY-g70qxHOFbK7WM4ABIAAA&wp=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
174407
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 91D9 		205 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
6828916f821123b594efeb74662d35fd5afb0b070a45563b35ebc473dc3ead52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:50 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=hiV9xyyYSBah6BrTvj0J7W8Dt3G9jeezatLgUxMZQZtggU24LHPrHRmd9sqoB6hhJ4jDE2DTkyNQ4sWjpwVQ-JxuZSyR4746qNfGaKGltsReSdD13wJ2r91Z8anjrg8TqO5LeFx-4wXaZ6boggFBxwxjaVFUSbJhS43mQgiS3WQqTWYMJvnoODBGn9nZhgC4Ws4oh4IFpKv-tRoBnw1_J6mIlBtpU4iaG_PzrleZQa0jzx0kpqzPO_kRN3GSHTywUuTYx6Aa8tQ3gC74"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
118973599
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame EB8A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:35:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5C1D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
79470
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Thu, 10 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame EB8A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:35:47 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame EB8A 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 01:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Nov 2023 01:58:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB8A 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 11:59:50 GMT
css
fonts.googleapis.com/ Frame 1A82 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 11:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 11:17:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Nov 2022 11:59:50 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 1A82 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 01:36:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
37370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 01:36:59 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/13094608949199738707/ Frame 1A82 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13094608949199738707/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
b24ccb72ecc2ae9647b0d7a8adb325240b3a65d4ee222fc24137fd823b7abc72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31928
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 01:16:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 Nov 2023 11:59:50 GMT
truncated
/ Frame 1A82 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33de850682d1c7a0265eac72af330c39f0d59067c7371e6648a80a50f5a9c044

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/ Frame 1A82 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:36:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
41029
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9353
x-xss-protection
0
server
cafe
etag
2177555007986509113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:36:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 1A82 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:35:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 1A82 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:35:47 GMT
l
www.google.com/ads/measurement/ Frame 1A82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnSib1Dtr3eNx1wy4tmXpzWE1PGrteKQH2UMxRYjSEHLwYumHjauZrA0uE51PiwUiyBxdw9x4vd250FmbFxeOml40ijw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A82 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 11:59:50 GMT
0d3fd3b530a886383bd6b91513e5ed38.js
www.gstatic.com/mysidia/ Frame 1A82 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 21:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
569892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14033
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 20:40:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Feb 2023 21:41:38 GMT
rum
dsum-sec.casalemedia.com/ Frame 701E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNV10AEphfZn8-7kfXWWzk0V3sGqaybPVhXBlGqWJwikbt-8Xra2ClDDdPtBscs2hKenkFX6vg2fTSrPvaIP8_IgSIxZBA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 701E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2zntpi6Oq2k.CyHZ.pljgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNV10AEphfZn8-7kfXWWzk0V3sGqaybPVhXBlGqWJwikbt-8Xra2ClDDdPtBscs2hKenkFX6vg2fTSrPvaIP8_IgSIxZBA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 701E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKnE9JNN4wI8erXVGw19YHQ&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKnE9JNN4wI8erXVGw19YHQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNV10AEphfZn8-7kfXWWzk0V3sGqaybPVhXBlGqWJwikbt-8Xra2ClDDdPtBscs2hKenkFX6vg2fTSrPvaIP8_IgSIxZBA
Protocol
HTTP/1.1
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:50 GMT
AN-X-Request-Uuid
1a792d42-8fde-4756-9d17-f81593087d8a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKnE9JNN4wI8erXVGw19YHQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 701E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2ODgxNzU5NjIxNjYwODcxOQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2ODgxNzU5NjIxNjYwODcxOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNV10AEphfZn8-7kfXWWzk0V3sGqaybPVhXBlGqWJwikbt-8Xra2ClDDdPtBscs2hKenkFX6vg2fTSrPvaIP8_IgSIxZBA
Protocol
H2
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Nov 2022 11:59:49 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
534d37fb-5a16-4d7a-809b-3549b77df349
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2ODgxNzU5NjIxNjYwODcxOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6D95 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cpc90Mn81qfElmUWZwJeCpsqjyMLaPZ5tl68yArXw7dJhu6pTJLAWkUpON6P7Q1wp_Cl4vdY3klV6V1xI3LMPAIY3mVsmZGUDGNBG7DgK6mdrpyyhXqspJXqrZSf4JL_WGqHVOMLMUDLqT-xExmGnkld6uIbKiXHm9GZf4qWbnr7oqMJ4&cry=1&dbm_d=AKAmf-CgfftSevPlFFoMDQy6PNcG_3MmE-90rIwAv6B_wvSLHMH3FKY_WBvwdKQg0qtqbCR0hSL0lXkeW2goDUb14LFZ_swfQKNINo4b5_RpH59GWPZpA6Yfuw1Q77XaEq6i3EzSNZBtETkzUB_5E92Z-3mKx09KLVqNwolb9cz8EMeZsd-t5Sg7ZsJBdj_rx17rvslGKuFz0OuOCuOUH7hhZi0LIY7wR6Lq09OSTjNUeH44OJg7APRtt5mQE8rg0yKe85WKw3yQ_QKbdQlme9bDD6Y9SXExYGhJckPBj7kFaQikjwgZS5a6rIlJ8uAQ4hxYpwxp257ZrWQjsv6WA7XnnZWemSIXJ9NFHgwcTCpRF5vNfP5X4nlG2cGVmacOnLeMRgtvBA7m7YzHhxn98sJ5yGBM6XKxZVpN02V_BKT2PygSBKRUu2NP-4ypNjQGIEC_Br2r__3k7tvUnib_oPUIv_dOuomcRF3qBGZu5rZhBArJRemXsugXN39YhNRmjk-IbTPl-Bh6seZwzwsQmXh5A1z6Q3lEp_6TuQa-nklH7FMV4U77OII8jIgvfPcAi3YkBlqZdGv_pXsiY6vYiAiYwFag3RgG8UV7SCJ37cVWe1hgQvZgPvl-y2UTR9uGmIi7icVdV2RWmfz29xwfo1FjsqaeW9cNfbmL6XqDtATTOpx4MZccEy-w95HFrSExItq90sUW8VAZsGX6tiblB0bayXK0mvmpuFWyiC6So67LF-IVOS7Su8VDLw6Aj8S9wGWdtVXv5eDfbytgpYVzS1e8GjKfZYuqVXcrTuCUzkVA38daytFhVZG427mTlT-gOiYhgGv4R1jtUrb0pPg1iyUrUGYvjq0YSkguv4fAb5Q6dMUjlaX4qB9MAoeSxXY_AUgNSLxJH46LCHaF_tnDoSnM_7oSS3Fi5ufCfoVi2m5p4bN_xBKRTRka3uCRWbxE4sK9meTnEoY0tbGu_WZ_Ah4sxG_nzoemFEhPKyhnzE9Thcdt8k5JXg6VT8XW6p8CtcAr6BHdt79MQk7-1EBnO4KCvvpnrpv3lQlqDlStZE_U2jF8bnI7nuUaVE62h8FWyqx-K0avwagY_hpd66WCS_7Ew2i4mLE8BT2GYOotfxJdehEg9f5PrCaBlkXBVjd_4eKB1s4_OpgBghy_snz43HTpMwW1td1DcWkqBotg_6e0349pf7v9QTYwVWdATWBdhsuqNbtLFiO18Hhpkeg5eYoMjZGpcYVyS377UJWYfVavRIN1ly93AK1Lnym4LUdBgRL57biq9qCz5_OKQA5dhWX6YhHB-Bcu5tXt6Qo4nrDoq15S3bbrTcv1ZpX-K_zWdwinyVajLldLXj8m4RL1YP6kWhCHbiGBa0YYluVuYO0rYhJogUsfhZFCNxg4BLCeR5-oPaWKCwXWFHVTNTGq_UBT9ftKoaCqqZsJ5TvaQRAu8vGyWNARCe-50IY42vZgK0y4uKSokPd3__q3U4Rmms4fEJCAGS1npoYhze71twDbHUkV4cmjbRy0xEIILvGW3QyKH1IpG29kM2I5lhaRao9VqY2i2fu_CpGgIyUBo_L9jVyCdqoBgQ3J_g3msu3ty1jEtoTOegmIPXdMK9gQi50SuTGpavkOx7U0KDKhvXuFZZ4PhMYfMod7ftz0N8jbFhIHj5rb7bi8eOnwlBQ_SjJ4dgqvtpRw50Q6fATsHcNLIXyrvOnLahqBlRG5xAMrdnEGpwyJ3Zy71SLwTBYU2D2EAMzsrmK1zUjyXPfeY-xH2qbL_4gQmGU8xD7VuX0qh7Gc_baltagsvn0eTvyGEgrfAlu5efp7uIjt6QgPVqnlW6K54gPS6smea2B4n4WMnQIr0lfoXY_lEEVqxMOzFPF0UvyrG0M7T1Y0iOHacevBa8jCMEsyHzVc5S7fzdV63yg7Z1DHR8mmD85dDBnvLGDNa2PCRLFc-cyYpOJlEVlN-OuXR2Pi_BgcebVvO3gDWsSdgDu03E0PMW9lrzNzb4gY_vE_LwDcdRQsjsypbc87QNKS6DBx0Vp6Uv3UIw_TdhMxRwwhS7NTyG6GfB1M6YHA4c6ik1IGOGMuhl-lWUpp55mQKXw933fPOLtd8HQtQIpVpF3N-p19-oCqSlY3RvfFvsYhVNp2jECTW-WkqBuliN0PIXN7K8UcsYbRXNFDipsJXlDmHH04cpllOnJM_p4YTyc8VeCyukOaKdDpEVdUQYR0PsAUpS_UEDQBVkpX5TPVT5DSwt0tetJQbLvTOREsiRjeiqNGpOEo2rYZk2jM69X6WIVH491QU8w5xO4suBuujx8vXt2N3TRR4q9iVWLtxdWIjkVIbyrIoinGuFNurnti4UJqkgBIAHCFD-3XqAE4GdpVnvntXiDiWcoRImN0bKaLYgz-YeYTxlOV0XE0bwjKfBecIsZEOijBRDwO-GPkuHy4D_PCPucPT4Llkw9Tv-oQOKRhuJSjxh8y8gmnWwfwrHArOzafvlKLFuFrx81Ysot5F7J8RcUnOZcEDG3lGjiYANy39x0TytQpWLfMEJ3NsuP58AGdzkAr5E3NAJ3UBHHxiDbtyGxXXLFiv3iXWCFUad22Tk6fSPkNL-nzA_fnKWM8zkstl8q2faYp_5oOI5vMYZ554qXcvi8ykV5sYEsLwBE8IjsinPktJm1qyspxbyV-niiz-NF3HWloQDaOviwNTxF6hDT1qB4mNxkWFbI0TEFN9UB99fKj2g7p7qOqctZxgGbl_BYQSn9tGKlGWFH3VMn16jt4q7huADUe_xPCIF7WbV0NeyuhTSK6qdCuk1f1Jg-HjftZ75uNTxqey8mQJ8zs77VJEjY9fr1PgXwi_sSWDBa3z0hBShu6Qu0K_taicTEwYTiKb5Jlvkh0uK9ZSg9ptiugPp8fkuZGf1J-_f8cEzUZTpDrDWnPKU6TzjtRw21ul_ehVXS20hLNwODmsZ6Eu2MQ32dia49JcB1Jzlp_argTpAvN40WNsbga_hSzCDsZKVim_HllqFVf9Ok0O9su7a-stR1BxXqZ3ljqt2qem3RjYZGtcthQjMobUbU_pv4FzQtWgOEXvNcU5FopS1p7QU-FEZ6LgzoJ4eADAf9clb3qzHy72HD5JqyJQdAehhnLiM6Gq4aAegECBHQQwtSuibOtpPME-QRn5Lky6m4jCi6Hb0QcAK4arje_iy6d4THeoFIdEgwHiVhCfhzfjUt1Kjw0zQ6J9K0O8h0_g9Ig4wtZwEVFtsT42v9HWKZ8JwFSzN5ZwOLlJbKIz_b5AJh4imNAKftRoPnihz3JgMG9v1jVLX9axFDPttmlAv08Nd2gT_NrRRKNsVGWo6iYoggo5yobLt5zKyTjnD_V52_RbpXtRPdkMxP-I8U4RuRCsSrAhcaqxmMZOGzOHCtAQUbNv-wTFCrLePZXRrYytlyxYT6kmFMpfWF6fR9wBflNcl9Zg3hFQXBl8yWqx7tPwHkfAxZPO5st1QQ_ubKwnVuCY83o52wsOFBvtuu0LEcjuww&cid=CAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 04:23:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 04:23:22 GMT
frm
www.adtrek.co/adserver/ Frame 416C 		16 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCIG04tOdsY8e0IIaSvQSq1rrACtKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKCnxr7QrejPqgDAaoE2AFP0FKmk82LS20KF3dYjXTIBLjeY3lIwXT3M8BOrsWG-AO0mzukNik3dkuHV99gj1BBK5SGbZacKhBic6pNv0zIVHIfu9X8HXIPZhZ6_qIO0fJaElA_1sLA8lM53O49CeFlTqWxnVqyXH8xMDc0XBamAt-bMx6pYnpzLnm3sPZR_lqrvQ2cT1_9rhh4Ot4htpdBYf0XslOh_i-iuE0ZHVwmoQOWsEEqLu597Ru7trgVoXVqXaOGIUBoP5WSCtCOWooHD3UEBpnILnCmy2LddDZyMGuFV4uY0mfABM3vyeyGBOAEA5AGAaAGTYAHuP3U7AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBsBPb6fEQyBO3jKThA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw%26sig%3DAOD64_2x27y4DsoLGq2wE1AeDDaXNhby-Q%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CiNHTL3QoSfzinSV6EWjqbyQ4GKR_W45HH7Oeh0tSShWdYiFUfMufvYIrJF-i9VFAqQOJGUASJcd3hwpTG6vOeNsQr1HJwqkOGPgbcRKTIlIF3C0OXIvQJZMG_jN6gzVzt2Xbjj1RPSKCoBpiZn4oQ_JqYZ5E34VlgI4cKPnmkGPLySMw%26cry%3D1%26dbm_d%3DAKAmf-D2TXzJdoXyRK3vfjX4AMseO5662jf53wI3j5RekBt95xOC9haZqiRX5GkecuyeimU45_dYKmb1EwbUce4PvF_U_j1FR_VwyNnj4s-FUlkx_dGMdRip5lF3VWksSK_e1xvFvlgfbrWVRiE4GhFu1Rkgnt_dY9jhFrXJZU_Fd4IJQSaUK5WBqscbMY-xYCqBZCEO_vUs1YPEVaUQw-_2LhYGNvUTsdFEO04UarLIZZu9oMRMqqSMwQyVIeXQHUo0gOhtOiY1hi1eyqT4m1nJV5Q-eIbwfsIpzXMmwLctCMgIwGcN7naX_N0IqiTUAx4Zf7igyWg1o9ikI0_LjHhwa7kX4Wm7JBZOPXOYX1ypsdXgL2ZxrD4wmZV6PyWQ0AJ85ehRHiEL5BSEEyNQ9IebF8RM-RO2hvuhtOnEAZqIlv_JAf7YQcTMojrmDEVmmrKG6zJ5Btqq-WWuI7yLDZ73Rr_Ewo86yYTv0kKy6SA2KYG5i4qGibie-_NFvTDFwe-1lsqAtJJt4_r7b5cjXOrMZJFF-Sjh5rdU6K3ksf0jyCdZmoU4fudTSchS0bbXoYl3is8R8o5cH2lubOZFyV1pf-cSF9-nkSHLVglnB3WAEaQF5M7bAIrtzHK_Zt1cyGwmOGNHO8A8DHzVUtLM3AZf91f88cdsm6VEISykof2qSdBZfpe4hxs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1668081588531015
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.237.117.95 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-237-117-95.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7b37126639961d0475f5f28c9887fbd21671e1a96a891120183d3182365eb586

Request headers

Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
15988
Content-Type
text/html; charset=utf-8
Date
Thu, 10 Nov 2022 11:59:50 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7F6A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
79470
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Thu, 10 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6D95 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a338c761e41f1324cfd4118c0fc1009e815050f3fa15c421a0d0c8f516a8a014

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8874
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:50 GMT
expires
Thu, 10 Nov 2022 11:59:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:50 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4FFB 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:27:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
1933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:27:37 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4FFB 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 03:33:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
30401
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 11 Nov 2022 03:33:09 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5C1D 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJ6iDFJMAn5oFox0T5-xTjI&google_cver=1&google_push=ASkJ3Fa1Do8tAs4s6oYrN0puUeYvalPxPI2yl-l93rtZUht8C08-RfJFWn1OQX0zMdLbyTb-FIOR8kgs3oocN4YzVV1Qp9kpsgTX4cOm7mxIP0_i7ZbyQsqGvnM_xk-bOXLhktu9USqhu-A
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 5C1D
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEMcSPllpGvwZI1FEBp5dzis&google_cver=1&google_push=ASkJ3FY8dwc6FCPDpx0RyaTWhDSlVgQfJB_gF21o66xslwzvmFJIrhCrAe1baIjgD3ftQBOybcnAR3590Si1NZJSpesbOpDRrsntHWbY...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEE0NjRFOTBERDQ4OTkwMA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEE0NjRFOTBERDQ4OTkwMA==
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEE0NjRFOTBERDQ4OTkwMA==
date
Thu, 10 Nov 2022 11:59:50 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 5C1D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAdxhU9g7-lcFMXtlrMver0&google_cver=1&google_push=ASkJ3FZLjLLeQXutzt4Kw10aPaH9PvQQEkOV2h9Lc4x3h4fUepMWtO3RQKKJ7V3khmD0F2iB1q7q3aLtuQOT0GYpJ_2_m-D...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZLjLLeQXutzt4Kw10aPaH9PvQQEkOV2h9Lc4x3h4fUepMWtO3RQKKJ7V3khmD0F2iB1q7q3aLtuQOT0GYpJ_2_m-Dit52wvmfVPixeGhsmSR2_VsgEiaxgANnnymwcM...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZLjLLeQXutzt4Kw10aPaH9PvQQEkOV2h9Lc4x3h4fUepMWtO3RQKKJ7V3khmD0F2iB1q7q3aLtuQOT0GYpJ_2_m-Dit52wvmfVPixeGhsmSR2_VsgEiaxgANnnymwcMbCBK4mBDF6B&google_hm=NTU1ODM5Mjg3Njc5NDY3MzIzMw%3D%3D
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZLjLLeQXutzt4Kw10aPaH9PvQQEkOV2h9Lc4x3h4fUepMWtO3RQKKJ7V3khmD0F2iB1q7q3aLtuQOT0GYpJ_2_m-Dit52wvmfVPixeGhsmSR2_VsgEiaxgANnnymwcMbCBK4mBDF6B&google_hm=NTU1ODM5Mjg3Njc5NDY3MzIzMw%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5C1D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEAlCwIcsQuc5NxNNg3VJJWw&google_cver=1&google_push=ASkJ3FbX_jCa5lqR-GVqm8ZS7gdL54bKelVCdWjNSZrfg33wDY3U_IiXQAlZ--RiWMnJrS2HSq5fBybTTDGkvKCcr...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEAlCwIcsQuc5NxNNg3VJJWw&google_cver=1&google_push=ASkJ3FbX_jCa5lqR-GVqm8ZS7gdL54bKelVCdWjNSZrfg33wDY3U_IiXQAlZ--RiWMnJrS2HSq5fBybTTDG...
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ASkJ3FbX_jCa5lqR-GVqm8ZS7gdL54bKelVCdWjNSZrfg33wDY3U_IiXQAlZ--RiWMnJrS2HSq5fBybTTDGkvKCcrHzsWsXU1UoCvBfCvG0ISxb9MiOi0nlZ3j79b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ASkJ3FbX_jCa5lqR-GVqm8ZS7gdL54bKelVCdWjNSZrfg33wDY3U_IiXQAlZ--RiWMnJrS2HSq5fBybTTDGkvKCcrHzsWsXU1UoCvBfCvG0ISxb9MiOi0nlZ3j79bQR7QABn3Mw61OEaFU6F&google_hm=cm7UR5nyQSywXq8yRqMetg==
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ASkJ3FbX_jCa5lqR-GVqm8ZS7gdL54bKelVCdWjNSZrfg33wDY3U_IiXQAlZ--RiWMnJrS2HSq5fBybTTDGkvKCcrHzsWsXU1UoCvBfCvG0ISxb9MiOi0nlZ3j79bQR7QABn3Mw61OEaFU6F&google_hm=cm7UR5nyQSywXq8yRqMetg==
Date
Thu, 10 Nov 2022 11:59:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5C1D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHD3Mr1dMW3DE4tgWvKS1Yo&google_cver=1&google_push=ASkJ3Fajg2MLVwMdRQn2Mjec6b8RM8ios3mGMLRlHG8QWWzIa584Z72T9cwL0hllqZf9kmmanat...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCMFBJRUYtMU8tTFE0RA==&google_push=ASkJ3Fajg2MLVwMdRQn2Mjec6b8RM8ios3mGMLRlHG8QWWzIa584Z72T9cwL0hllqZf9kmmanatnABYoo7dGUt0f__kFJyNZmM89l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCMFBJRUYtMU8tTFE0RA==&google_push=ASkJ3Fajg2MLVwMdRQn2Mjec6b8RM8ios3mGMLRlHG8QWWzIa584Z72T9cwL0hllqZf9kmmanatnABYoo7dGUt0f__kFJyNZmM89ldovnCzY73WIdOeShHDPWKmcKtX3srS3R1ibl_5Lt7cm
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCMFBJRUYtMU8tTFE0RA==&google_push=ASkJ3Fajg2MLVwMdRQn2Mjec6b8RM8ios3mGMLRlHG8QWWzIa584Z72T9cwL0hllqZf9kmmanatnABYoo7dGUt0f__kFJyNZmM89ldovnCzY73WIdOeShHDPWKmcKtX3srS3R1ibl_5Lt7cm
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5C1D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKLDQlTW_opjyDqiQ4eyQLY&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKLDQlTW_opjyDqiQ4eyQLY&google_push=AS...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKLDQlTW_opjyDqiQ4eyQLY&google_hm=Y2zntpi6Oq2k-CyHZ-pljgAAFMIAAAIB&google_nid=index&google_push=ASkJ3FZOKtXot0qGyYKPmKVK4tnm4-A22FMTu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKLDQlTW_opjyDqiQ4eyQLY&google_hm=Y2zntpi6Oq2k-CyHZ-pljgAAFMIAAAIB&google_nid=index&google_push=ASkJ3FZOKtXot0qGyYKPmKVK4tnm4-A22FMTuCI28aQi-EcJqJLXuG2rcKz76Mz2w348bRgBCaNUxwrqFgHdTq6cA8mkqbJfibmC1Hivmc2mXw4JVgZUA-l9ciL2MH6CaFcR9Lsuuqhp_p_7
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB36Ost%2FGgq6Q1WozuYMF0qaHngDuxJr1zJhvW60P3JTGbYFF4t2oWFrbH6Qy7Qw8g0PDSUe2now733%2BOpdIJedEBxdG92Uuo%2B%2FJw%2FFNoiek0WAJFlKCm23%2BiRjaKV8t4fzfrBUQya2oLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKLDQlTW_opjyDqiQ4eyQLY&google_hm=Y2zntpi6Oq2k-CyHZ-pljgAAFMIAAAIB&google_nid=index&google_push=ASkJ3FZOKtXot0qGyYKPmKVK4tnm4-A22FMTuCI28aQi-EcJqJLXuG2rcKz76Mz2w348bRgBCaNUxwrqFgHdTq6cA8mkqbJfibmC1Hivmc2mXw4JVgZUA-l9ciL2MH6CaFcR9Lsuuqhp_p_7
cache-control
no-cache
cf-ray
767e9fd58a24fb94-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 5C1D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKqBNQQcykBryjmw6XbdoZg&google_cver=1&google_push=ASkJ3FZWe-dDPSD4XBLqNjU-XlA_FtNBOY-Uq6lgLpOEqpl49rbOGpTgm6CeYZN1GgkRFNMVHYBn4S1UPKX...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGFpIFJUJVgA2HjWoWMJbUq6IyDWxM6bdw&google_push=ASkJ3FZWe-dDPSD4XBLqNjU-XlA_FtNBOY-Uq6lgLpOEqpl49rbOGpTgm6CeYZN1GgkRFNMVHYBn4S1UPK...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5C1D 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LzREqKzIdHTQMB8IxmxQGok4w4DfxdcMvBVbAerby8gSPpFNO11qi519Dc8cQ0kv_15iqNUQ
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
googleads.g.doubleclick.net/xbbe/ Frame 283F 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNWB1EkRAaQtGx9yX6iweGtMjkO7LSqmn848of_8EpGZzrNbCkrZCaIwZRVvY4SD_0bZlmJgXSSuNk_ZMamhI0zadesi9A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 872F 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cfbe2ai62HdkSqAurSFA4CyQ2aUwEiBie9tin3puJxCp5MFa4_ayV6jjKTc0dkqEnQW2RdQfiXyCuKq_sIlbvrXV44swhsQQkCYI7EP4iA60u4_3PmuEpZo1VlOZMUl5TSzKhAEVVgiwceT5g7WAHo00R0IzkIqrddhzYRUtBA1vrR6F8&cry=1&dbm_d=AKAmf-C1xGSg-SdcqDCAzOBYaGwI7i2_AaGjjL5cN73eVP2aTNOgCLw7QFiOaijodu4BQjf_kRN3O_dYCo3ReJIXUT47gqwoTYkK-FG7NDD25h3G_WwmtpbSYsPQMx_Mf3RWPAubpjCQe5rBtzgNGqZRnUASPuHSlkQ1_Uaq1i9x-sBGg4pgw95iKqbwok6hrG0Q2_xPHKSwSC-4cNZyYmkFriwmbTCxjNYc7xtxO7S9rLLsxxJ_GYduo07xdQZAw_PDDS3Ivh9v3BsCRV2akAL0MNSNZBwFCns8F8HevW3kGC1N85MaO5Xr9mXU9ZuIZbJMKMfO-TMZsqW3xicWokNtdQPqudJOzbQ-9zIyP297sx_g_8FtMyFiPsCMI1h6ObsVmsF5e52QS1NghwUb2p2ATQJFdp5l5FZkvJU0cFFx1xwdfrmVa96lGDyIiHMXctQu4zOr2x5mMR7t90kn6qMNTiXQgbr2i5evedrwPA_pKgF5qvgVor_LxOWpGqpC3Lf-C7ReBqCw__ha4GtFuvAJCTM6FcOWSH400_x8Poj2IvOasHkwZB6prBUBOXs685gc2R_P5IZrVX81XStt5qSQxx9Ix2xbuwt1RUbHOQUOE43TfKLUidWWTb-_9DeHSO9GA-bX0j6gvV86AzMuu4lK-MLGHtLP9t8-QK9RAWzSjzFrPUL0rnCngIRLSyOKej5Yuc5GpEK_Cuj5zRh8G1BhBjyVOOycoWdKkrjMVCiHgPTzIlP8d6ydGY-DtDJOa-xEaWPkUuDBgfDfNKixJmM9Z-bysRHL9OVe5mcgWNQSoTYMCw9jbDL_XBy7mM2iE62WRmdFJsno8T6LqR5I9c7kOxsGMLtfdSVt8Q0g788QUOMVJ1PhzMjIgbEijlU3YDVHzZl5D-iwqM6bgPqV1_bQKdLlG-_u72_p0iss4schGDj0u7mZulmEDn2m3XcVn2WF3NwwX8Qr8A5C_qSXZn-2YcExEvx1j980WajvPDW1lCOe9svowUFBrYRr1pcZxmBtPj2ArIwv3aFgZIqi5XMLOf9EnLjpixcjaF0Z6IuwsNASdFXG4JtLzBM2E6Gvr0lWp_IQOmHM3a4_va-0-FHfh3YKM1n4IU7gSN43UYonOJihWsMdqRBJ3wcaVKrSvAooSMaR-2yftfwjK6trGQtIuglht9l7LhA3B6HQDJYJcsDTC5S4Au_bUESTjPoXHfgSqy1UAkRf5oyQTsdj0rdHOoMh7akF2xF6mNpoN8yRdsBFUARMU65XN7w94EZCqjs9vsabGPCl0xsZ9T3HoaSo0ItFHVXbkPvQRdgbo_QQdzJ2N4uyQoYlMlITimifslJuHda0hrC4Pkfkcnx0y-JGaEmAGGw_184TkysxQmmxLzZk7AaYeGv-efagiwWZ1FmC1mapnF_m6DQ_MfagnJET1eqTLk7_trO0ifQHsAXfOKlDyMwHJk0JuOC0wv1lWq4qhOJZPlDBTosBvsqT8HYrrAPfezdq9Mi4SXFhqW5j13XJ3o5vKa0kNbj6Ba9PtyG4XvQfV76Ay6I9kzSZ0ugRG6kxRK8CtRDzjkreZLwnN65FjQRxwmuqm1dlUthO71UfPRgIkFOhM9XXynw__IwdkOOaeVOsPA5L-PUaYcN46KVkXTYNYh_TyS2le55VmvaWO1O7ascXYDnOH5MGQZIC1FP7GREyctiEvr9PM03gOLgtgw3e6Gjo-ImoWsKtgZvrXqYi7atOeZ_foZZM7ca8vzrE-ojyQJQsDs-k4xnN-Z7fQ14HSK2Seml2VaYYmOj8fpOFIAum9VQuYYygCtqHi6xVjmLhUQp8jNyhBFGL11tga9wSnp91Wcm6jTvlo15Mxnp7ZJK1ZTO9Z3xLUfz1SMmj_5p4bLwHl9jYhVI5uEYWhg-6rZwXA2cYEMRcxqM1Bqk81VooOtnTx4X99tHxdZuIHq9yCv70JIncenyB4FaXsI3oRhq4m8Kmy9IHJehsGzl4zamJk3q41w4ONt99GBnihrPR1An8WVZSCf6uD1nZUy2s1c-Hym1qfuuqc3_98zhNpFdVokZq9jv4WOcjzzKyYwtCmey80TKeNVW7G4JSQzuT4dduJkQ6kZg6cP84uuw8eSM8_3QqvRvb9MXa0MUoyt1l65NHj4xAEPWxx3atr-h1tuybP2r_EkM1K4r_6hoh7Fc_itOKJ8_ZnJed3pl1BPi4uSY5rScaxTcATiSB4Da_wxYo-Ii7gtydKlcq82Qy0vU1s3KJ6JBrjM7-eHWXhuXtznARPtocvvY7Ve7LF9xjwCivWCP-tblk9UqZ5r7Pv58j1pCbwjQzlYygyj9GRKXjBeAhiXd9FtfODn0sA-2JihO3D18uM4809ikFSVLiCDJXkDJLfYhUnwwPTcNqedJzC4J9JzAhCfV-9oo1Gsf-ibzZDO6WiltAf5o5g1JwzBH6ssxBRV6fDU21insnMmQGhn-Vv_15tdHQgKfMZPpmmCwZt21IegHnh_ZrsqGR_8KC3pGFRenoOIqagazE-HN1Z8palBeeJCZaI9hUNyujD_CsQ8Zr9DCtQ9npRz-dWIinMxDzyDuz69dLa-SSxhjAik7VCd93bhrbUF3fgZ7t7qUDcPrxysvcfuEVdoBZuHR7ryTzTMXUj5Iigz5z5_QhD_-c4t7RCbk65WL1Oe7kXBMaIjcRty1VOX-Y2E8UzZIww_tZBT6_T20ceEV-UAC86UIJwsOVUEqN6xfJYawvdQ3NW0O_y43lrWpYd0pUAWPoJjH51nBBerhU324GEytsahI9AdVnE4LXS2ccLaUO9jo-mgVTp3Zn1EbBLNVMP5qn6O0sbyGL06T_z7IvvFkM7yCrxZve-bmN61LomY2TcK22btGgyLi4Ag0ruAP8e-9TSGUOL2_aIn14VUdiIXP3L0XzF1D2t4TUBcuowFvUAV2MmFVpPEibkqLFUdkzSeqof5sJ8_bGujumkxdAR-CGNm81qoxI3jsE9iRQe39OjzLz970FJsGFBkOf796uZmR4BAQkKj7xHPsFdg8iY3a0XqKQp3E9VshHBDaOOiSB2Rx6kLRN71XRmtVnTY8uLbpB_gQHW8Usq-a_zjSt748qDICElR0roP7y45U8HFvs3OHmQ82EipoCwhi8caPOwWZU2LeTXj7lXbrPL46Z6d6jqdp7lpjAdRTRtKEJYpP2F-33NmAk3ZFfAC5IOEbnHMl9t_nzU1FFYvN-5aQTwSsWCUcg1OYpq6N0LpDztK8GsNBa6_5I6WUzslm7HIJpKnEPndtLTLk07isdPLCwRF-msHOnNfR2A1_JNFJtWK-1HUa9VR4j1uOIEZ-oNwhaDhS9lWwBZytsxR7mLlt37klPolhIY6aVNFBwdNQbxK4Aowu7ujRWmLqzCIhquCX9kPjxoJdpPGMPqtR_F426B5sNi8gtqXHtfxGKmJ7XdGVCCm4rVgMZx86Z4nekTu8dKpaqNC1dl8QKG9HSJVqH5udhejutXyW9RI0vX7y1ndLqpYbojZK1zZ1l4Zz1QNjlG4Zne5QfcETRtobyUJBX_ZJVKyCK1flC_MakP-UfGKDhnSP7O7txqyaq5r2vOTaRNUIvs4sZpZOC-347RaFDMInmiCoFm5U5ee_7gec_fRZcnt0&cid=CAQSKQDq26N9TEn4bqrK5A8mAmcfrp3yqdRATveADkf76NWYhKAUDIlicPL0GAEgEw&rfl=5%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2C%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
cabf0c93ba5889d582e985f93b156242d8c92ea6d3645097bc15d5f8038ab441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34271
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 872F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41043
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:35:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 872F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
41043
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:35:47 GMT
l
www.google.com/ads/measurement/ Frame 872F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHS9TYkuUIVzIsn_S3ceR3oq6rKuJ7xBsPshscyO-v8obrBLOCgCbn7BPNnwPzC-TAnJvfNfhXA9SM-zCW8TGdsufVXw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 872F 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 11:59:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 872F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CtHLwD2a76P2505O_uxaQ1dKCwuoh_qcdi-HVgS-IC9jJE6YT1swyqH6Ti70TTs7YWkZALeKpcRFhJL0DvQk3v_KFLzJij6UNrZ1wUwKdNm9MnkjA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7F6A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEID9V0Q_-WkaGXzwwBEYV9w&google_cver=1&google_push=ASkJ3FaMBIjkanvipD-ODWqC7c3hvjsLlnzS7rtoPnuwB5eApoOSdQ6pOblF8wc8NhLJvoACWdWbubtuds8ue_fa...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaMBIjkanvipD-ODWqC7c3hvjsLlnzS7rtoPnuwB5eApoOSdQ6pOblF8wc8NhLJvoACWdWbubtuds8ue_fany3fBH_ghSS9p8YE305LvuGrka3fgW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaMBIjkanvipD-ODWqC7c3hvjsLlnzS7rtoPnuwB5eApoOSdQ6pOblF8wc8NhLJvoACWdWbubtuds8ue_fany3fBH_ghSS9p8YE305LvuGrka3fgW-WUYeAGhIzPH2mlByp9q_lrMU
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Nov 2022 11:59:50 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaMBIjkanvipD-ODWqC7c3hvjsLlnzS7rtoPnuwB5eApoOSdQ6pOblF8wc8NhLJvoACWdWbubtuds8ue_fany3fBH_ghSS9p8YE305LvuGrka3fgW-WUYeAGhIzPH2mlByp9q_lrMU
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 11:59:49 GMT
pixel
cm.g.doubleclick.net/ Frame 7F6A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFBN0D9j7PQAx9jWM0RawPk&google_cver=1&google_push=ASkJ3FZHJqpHnsJNmZu8RqYzpza-JNivZWA0cLtbb8ppE7n70oHC4uPCyS3jRf1xcQRxTiiS4qJNs12oO_mi69gPLhDatvwd2eAROz...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CBB3449584FC457981FF4C30C539177B&google_push=ASkJ3FZHJqpHnsJNmZu8RqYzpza-JNivZWA0cLtbb8ppE7n70oHC4uPCyS3jRf1xcQRxTiiS4qJNs12oO_mi69g...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CBB3449584FC457981FF4C30C539177B&google_push=ASkJ3FZHJqpHnsJNmZu8RqYzpza-JNivZWA0cLtbb8ppE7n70oHC4uPCyS3jRf1xcQRxTiiS4qJNs12oO_mi69gPLhDatvwd2eAROzngkZ510xn2E1jp0IqI50wS7uj942CbxTChM8_hUl0
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CBB3449584FC457981FF4C30C539177B&google_push=ASkJ3FZHJqpHnsJNmZu8RqYzpza-JNivZWA0cLtbb8ppE7n70oHC4uPCyS3jRf1xcQRxTiiS4qJNs12oO_mi69gPLhDatvwd2eAROzngkZ510xn2E1jp0IqI50wS7uj942CbxTChM8_hUl0
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 09 Nov 2022 11:59:50 GMT
pixel
cm.g.doubleclick.net/ Frame 7F6A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO2A7AEHLAvJMbOgOP5lRHs&google_cver=1&google_push=ASkJ3Fb3HqlX54gNcoDV7Dotjh7H4OBYYFl9LgXkcbS08qz6nzBGvZYzBGCt0fJxHwmFkcfLk1OOggTA...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO2A7AEHLAvJMbOgOP5lRHs&google_cver=1&google_push=ASkJ3Fb3HqlX54gNcoDV7Dotjh7H4OBYYFl9LgXkcbS08qz6nzBGvZYzBGCt0fJxHwmFkcfLk1O...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwNzgxNTU5Mjg5NTY0Nzc1MQ&google_push=ASkJ3Fb3HqlX54gNcoDV7Dotjh7H4OBYYFl9LgXkcbS08qz6nzBGvZYzBGCt0fJxHwmFkcfLk1OOgg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwNzgxNTU5Mjg5NTY0Nzc1MQ&google_push=ASkJ3Fb3HqlX54gNcoDV7Dotjh7H4OBYYFl9LgXkcbS08qz6nzBGvZYzBGCt0fJxHwmFkcfLk1OOggTAibVqRFHJ-lOdx5BSZhMAt7ZeZ-3REdjkKSSVrKIot_L14rayw24yx2dtxuc0bJ1V
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDMwNzgxNTU5Mjg5NTY0Nzc1MQ&google_push=ASkJ3Fb3HqlX54gNcoDV7Dotjh7H4OBYYFl9LgXkcbS08qz6nzBGvZYzBGCt0fJxHwmFkcfLk1OOggTAibVqRFHJ-lOdx5BSZhMAt7ZeZ-3REdjkKSSVrKIot_L14rayw24yx2dtxuc0bJ1V
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 7F6A
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEB73yg0VgQJOIVLp7hajwHM&google_cver=1&google_push=ASkJ3FagxDOozKObL7rLgcIdTebX17ufRyX6BEIds1glKQDj00h-8YrZsHQ9SX6iH_vHMPaNejvh3eC8M1xqc5ugESZEm4ABa...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExMDgzMTkwNzQ0MzYwNjAwMFYxMA%3d%3d&mn_hm=MzExMDgzMTkwNzQ0MzYwNjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FagxDOozKObL7rLgcIdTebX17u...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExMDgzMTkwNzQ0MzYwNjAwMFYxMA%3d%3d&mn_hm=MzExMDgzMTkwNzQ0MzYwNjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FagxDOozKObL7rLgcIdTebX17ufRyX6BEIds1glKQDj00h-8YrZsHQ9SX6iH_vHMPaNejvh3eC8M1xqc5ugESZEm4ABa9FFXKgeKFi9UiQ8WNOevaD53n_3ci0zeSTaU8SfBhPrvDye&gdpr=&gdpr_consent=
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:50 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExMDgzMTkwNzQ0MzYwNjAwMFYxMA%3d%3d&mn_hm=MzExMDgzMTkwNzQ0MzYwNjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FagxDOozKObL7rLgcIdTebX17ufRyX6BEIds1glKQDj00h-8YrZsHQ9SX6iH_vHMPaNejvh3eC8M1xqc5ugESZEm4ABa9FFXKgeKFi9UiQ8WNOevaD53n_3ci0zeSTaU8SfBhPrvDye&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Thu, 10 Nov 2022 11:59:50 GMT
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 7F6A 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEIjRHpIZzk8Bbe2piJkYKTQ&google_cver=1&google_push=ASkJ3FZmxrkKZjV5xonrxVbvOkqPqp7ZudgOefgz_dyB2FsIwHRBSa9qm7tEHABwtirLJf676gj7RecdaI47CxuTqfEDRTYzxLtpLgOGMQ1L3ij8j7r3qgzvnHYDRJ0OLDmZk2oL4Rreomkc
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7F6A
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEN_zp8jkdGw9pWgDsmUCNaA&google_cver=1&google_push=ASkJ3FZENRvYjSPkJpSh4COA2LYwMHACo6f2La43sKoBynpF_O3I6TAVOtsELcC009BYYZDllPDDaoew93y68KE...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FZENRvYjSPkJpSh4COA2LYwMHACo6f2La43sKoBynpF_O3I6TAVOtsELcC009BYYZDllPDDaoew93y68KEcXVx6TQwfVPbY2J13O5opBElLITObG3F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FZENRvYjSPkJpSh4COA2LYwMHACo6f2La43sKoBynpF_O3I6TAVOtsELcC009BYYZDllPDDaoew93y68KEcXVx6TQwfVPbY2J13O5opBElLITObG3FwvnM90ePjF_duioPbNLSQ4RU&google_hm=MjQ0NjRiY2UtNzMwNS0zOWE5LWI5OTctOWJhNDM5NDZlOGI3
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FZENRvYjSPkJpSh4COA2LYwMHACo6f2La43sKoBynpF_O3I6TAVOtsELcC009BYYZDllPDDaoew93y68KEcXVx6TQwfVPbY2J13O5opBElLITObG3FwvnM90ePjF_duioPbNLSQ4RU&google_hm=MjQ0NjRiY2UtNzMwNS0zOWE5LWI5OTctOWJhNDM5NDZlOGI3
date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7F6A
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEOwuDJe6kgsJXUURYMRO31c&google_cver=1&google_push=ASkJ3FbITshuHotj8Y0lriu85KLsvEZb0cH8lRN0Y7miUfo6Ag0CgBhKlzrl1rkesnUTwunwgqsDfCa_z86SM7QaF...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=M2ZhMDg3MTAtZmYzYS00ZmNlLTg2ZjItMzRiNTc1YTk4MTEz&google_push=ASkJ3FbITshuHotj8Y0lriu85KLsvEZb0cH8lRN0Y7miUfo6Ag0CgBhKlzrl1rke...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=M2ZhMDg3MTAtZmYzYS00ZmNlLTg2ZjItMzRiNTc1YTk4MTEz&google_push=ASkJ3FbITshuHotj8Y0lriu85KLsvEZb0cH8lRN0Y7miUfo6Ag0CgBhKlzrl1rkesnUTwunwgqsDfCa_z86SM7QaFP8MU37x5Ci4JwdmkjXXajVaJzAXrhvoedJJbnkeRVxTzF3jEi3wEV4bKw
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=M2ZhMDg3MTAtZmYzYS00ZmNlLTg2ZjItMzRiNTc1YTk4MTEz&google_push=ASkJ3FbITshuHotj8Y0lriu85KLsvEZb0cH8lRN0Y7miUfo6Ag0CgBhKlzrl1rkesnUTwunwgqsDfCa_z86SM7QaFP8MU37x5Ci4JwdmkjXXajVaJzAXrhvoedJJbnkeRVxTzF3jEi3wEV4bKw
date
Thu, 10 Nov 2022 11:59:50 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7F6A 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRrQmIGNAiE6RhH7-tPU1n-weurFLap8nRivyrP7XiLvyjsp1D-eGf_SVuhzKMp1lKP567Ako
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A65F 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 11:59:50 GMT
truncated
/ Frame A65F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
038192d5ad9475223f1dbc9d906ce02502daae866784df87ccecee8c3c8defe8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 283F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNWB1EkRAaQtGx9yX6iweGtMjkO7LSqmn848of_8EpGZzrNbCkrZCaIwZRVvY4SD_0bZlmJgXSSuNk_ZMamhI0zadesi9A
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 283F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2zntpX8d22C7tHk7dTWjAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNWB1EkRAaQtGx9yX6iweGtMjkO7LSqmn848of_8EpGZzrNbCkrZCaIwZRVvY4SD_0bZlmJgXSSuNk_ZMamhI0zadesi9A
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyTwDe7355UZGUCzqxtnPA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 283F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKnE9JNN4wI8erXVGw19YHQ&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKnE9JNN4wI8erXVGw19YHQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNWB1EkRAaQtGx9yX6iweGtMjkO7LSqmn848of_8EpGZzrNbCkrZCaIwZRVvY4SD_0bZlmJgXSSuNk_ZMamhI0zadesi9A
Protocol
HTTP/1.1
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:50 GMT
AN-X-Request-Uuid
34d378dc-7a31-4030-b9e5-12db54e42f60
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKnE9JNN4wI8erXVGw19YHQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 283F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2ODgxNzU5NjIxNjYwODcxOQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2ODgxNzU5NjIxNjYwODcxOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNWB1EkRAaQtGx9yX6iweGtMjkO7LSqmn848of_8EpGZzrNbCkrZCaIwZRVvY4SD_0bZlmJgXSSuNk_ZMamhI0zadesi9A
Protocol
H2
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Nov 2022 11:59:50 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ca54cc34-6a4b-40ee-8464-c6730cd8d85e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2ODgxNzU5NjIxNjYwODcxOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame EB8A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63fef893caa8e132a1d76982f6f30e0b39515ed31063853d93ee01cff074798a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F19E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
79471
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Thu, 10 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
shopping
encrypted-tbn0.gstatic.com/ Frame 4FFB 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTL92QrK9TYKwRgUlGTgBJrCqK0jFvEM5CM9lF7r646nRaXzf4SwB52fRRnvw&usqp=CAI
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
sffe /
Resource Hash
01513572e7cf0b64bb892c936a545f572352a07993f97a63024461efbde136dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 09:25:47 GMT
x-content-type-options
nosniff
age
9243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31280
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 03:15:30 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 10 Nov 2023 09:25:47 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 4FFB 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSJPb_uB3dEwdpyM84jdtpNdxTYN4jzb7GepchZKbbwiLseX1mrxiY3-wcns5k&usqp=CAI
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
sffe /
Resource Hash
66fa482bd3b385975db3abb16ffbc88f9fbb4f5b0b737540b3fae81e9b47b8e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Oct 2022 01:38:15 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13309
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 10 Nov 2023 11:59:50 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 4FFB 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSc4G4kCg8GfPPB4zbv_my-ugvt04zgluh799MAFpGomh2JZlEEKlZG37-fYXQ&usqp=CAI
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
sffe /
Resource Hash
1d7a8675b6647538e61d96f183ab74523f08737993efdb3be807781572177bb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 05:14:55 GMT
x-content-type-options
nosniff
age
24295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33623
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 19:43:44 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 10 Nov 2023 05:14:55 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 4FFB 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSZcEWZJK58OpkNfaxtcdYK4Rx42DYVXyT78oh5Rqr6DrTUJlhbFz4rln7Nid4&usqp=CAI
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f102.1e100.net
Software
sffe /
Resource Hash
0ab416c95199e325861b98ac0e2fd955c062d2b3e14eec5c5caffb4cd430c3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 09:25:47 GMT
x-content-type-options
nosniff
age
9243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29809
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 02:04:38 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 10 Nov 2023 09:25:47 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 4FFB 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRW5sP-8peHozhv9f10gp3p5-dsMAOaWjTtl39hDDB_npW0ZBujcAGnATjKLbc&usqp=CAI
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f102.1e100.net
Software
sffe /
Resource Hash
719ea747db8c1745533e9c64c78c9bf541073487fd61dba1b18c5f16d5f17088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 09:25:47 GMT
x-content-type-options
nosniff
age
9243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40783
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 13:37:31 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 10 Nov 2023 09:25:47 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 4FFB 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSptl2HqAlaYXS_6Qs4UfIa5Nz7oWiP4N49Q4IY2IHJQbbFvBZyJxA8U1zlAg&usqp=CAI
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
sffe /
Resource Hash
4c64dbc02e2995030212280c7de9d5c748e3239427a5f3fa1b8578f195e47db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 17:58:57 GMT
x-content-type-options
nosniff
age
64853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29208
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 01:34:49 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 09 Nov 2023 17:58:57 GMT
logo-stacked.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/ Frame 4FFB 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/logo-stacked.svg
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
3e5596cfb1f92d12c210d363062b7ca07eacaa2840a4c73b095c2e87e652597d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Nov 2022 18:05:24 GMT
age
237266
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2618
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 19:47:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 07 Nov 2023 18:05:24 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/ Frame 4FFB 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/logo.png
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
b2ec40061da9773e9e9eceeb7dbfaf4afd13f49d3ab890a8566aec199919624b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 07 Nov 2022 18:05:24 GMT
x-content-type-options
nosniff
age
237266
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55785
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 19:47:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 07 Nov 2023 18:05:24 GMT
truncated
/ Frame 1A82 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
555c3daf2520cd7e8dc09dcc471b5780859dbc4415a4896a7906bf82ee19b6c6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 872F 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 09:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Nov 2022 09:20:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221108/r20110914/elements/html/ Frame 872F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221108/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cfbe2ai62HdkSqAurSFA4CyQ2aUwEiBie9tin3puJxCp5MFa4_ayV6jjKTc0dkqEnQW2RdQfiXyCuKq_sIlbvrXV44swhsQQkCYI7EP4iA60u4_3PmuEpZo1VlOZMUl5TSzKhAEVVgiwceT5g7WAHo00R0IzkIqrddhzYRUtBA1vrR6F8&cry=1&dbm_d=AKAmf-C1xGSg-SdcqDCAzOBYaGwI7i2_AaGjjL5cN73eVP2aTNOgCLw7QFiOaijodu4BQjf_kRN3O_dYCo3ReJIXUT47gqwoTYkK-FG7NDD25h3G_WwmtpbSYsPQMx_Mf3RWPAubpjCQe5rBtzgNGqZRnUASPuHSlkQ1_Uaq1i9x-sBGg4pgw95iKqbwok6hrG0Q2_xPHKSwSC-4cNZyYmkFriwmbTCxjNYc7xtxO7S9rLLsxxJ_GYduo07xdQZAw_PDDS3Ivh9v3BsCRV2akAL0MNSNZBwFCns8F8HevW3kGC1N85MaO5Xr9mXU9ZuIZbJMKMfO-TMZsqW3xicWokNtdQPqudJOzbQ-9zIyP297sx_g_8FtMyFiPsCMI1h6ObsVmsF5e52QS1NghwUb2p2ATQJFdp5l5FZkvJU0cFFx1xwdfrmVa96lGDyIiHMXctQu4zOr2x5mMR7t90kn6qMNTiXQgbr2i5evedrwPA_pKgF5qvgVor_LxOWpGqpC3Lf-C7ReBqCw__ha4GtFuvAJCTM6FcOWSH400_x8Poj2IvOasHkwZB6prBUBOXs685gc2R_P5IZrVX81XStt5qSQxx9Ix2xbuwt1RUbHOQUOE43TfKLUidWWTb-_9DeHSO9GA-bX0j6gvV86AzMuu4lK-MLGHtLP9t8-QK9RAWzSjzFrPUL0rnCngIRLSyOKej5Yuc5GpEK_Cuj5zRh8G1BhBjyVOOycoWdKkrjMVCiHgPTzIlP8d6ydGY-DtDJOa-xEaWPkUuDBgfDfNKixJmM9Z-bysRHL9OVe5mcgWNQSoTYMCw9jbDL_XBy7mM2iE62WRmdFJsno8T6LqR5I9c7kOxsGMLtfdSVt8Q0g788QUOMVJ1PhzMjIgbEijlU3YDVHzZl5D-iwqM6bgPqV1_bQKdLlG-_u72_p0iss4schGDj0u7mZulmEDn2m3XcVn2WF3NwwX8Qr8A5C_qSXZn-2YcExEvx1j980WajvPDW1lCOe9svowUFBrYRr1pcZxmBtPj2ArIwv3aFgZIqi5XMLOf9EnLjpixcjaF0Z6IuwsNASdFXG4JtLzBM2E6Gvr0lWp_IQOmHM3a4_va-0-FHfh3YKM1n4IU7gSN43UYonOJihWsMdqRBJ3wcaVKrSvAooSMaR-2yftfwjK6trGQtIuglht9l7LhA3B6HQDJYJcsDTC5S4Au_bUESTjPoXHfgSqy1UAkRf5oyQTsdj0rdHOoMh7akF2xF6mNpoN8yRdsBFUARMU65XN7w94EZCqjs9vsabGPCl0xsZ9T3HoaSo0ItFHVXbkPvQRdgbo_QQdzJ2N4uyQoYlMlITimifslJuHda0hrC4Pkfkcnx0y-JGaEmAGGw_184TkysxQmmxLzZk7AaYeGv-efagiwWZ1FmC1mapnF_m6DQ_MfagnJET1eqTLk7_trO0ifQHsAXfOKlDyMwHJk0JuOC0wv1lWq4qhOJZPlDBTosBvsqT8HYrrAPfezdq9Mi4SXFhqW5j13XJ3o5vKa0kNbj6Ba9PtyG4XvQfV76Ay6I9kzSZ0ugRG6kxRK8CtRDzjkreZLwnN65FjQRxwmuqm1dlUthO71UfPRgIkFOhM9XXynw__IwdkOOaeVOsPA5L-PUaYcN46KVkXTYNYh_TyS2le55VmvaWO1O7ascXYDnOH5MGQZIC1FP7GREyctiEvr9PM03gOLgtgw3e6Gjo-ImoWsKtgZvrXqYi7atOeZ_foZZM7ca8vzrE-ojyQJQsDs-k4xnN-Z7fQ14HSK2Seml2VaYYmOj8fpOFIAum9VQuYYygCtqHi6xVjmLhUQp8jNyhBFGL11tga9wSnp91Wcm6jTvlo15Mxnp7ZJK1ZTO9Z3xLUfz1SMmj_5p4bLwHl9jYhVI5uEYWhg-6rZwXA2cYEMRcxqM1Bqk81VooOtnTx4X99tHxdZuIHq9yCv70JIncenyB4FaXsI3oRhq4m8Kmy9IHJehsGzl4zamJk3q41w4ONt99GBnihrPR1An8WVZSCf6uD1nZUy2s1c-Hym1qfuuqc3_98zhNpFdVokZq9jv4WOcjzzKyYwtCmey80TKeNVW7G4JSQzuT4dduJkQ6kZg6cP84uuw8eSM8_3QqvRvb9MXa0MUoyt1l65NHj4xAEPWxx3atr-h1tuybP2r_EkM1K4r_6hoh7Fc_itOKJ8_ZnJed3pl1BPi4uSY5rScaxTcATiSB4Da_wxYo-Ii7gtydKlcq82Qy0vU1s3KJ6JBrjM7-eHWXhuXtznARPtocvvY7Ve7LF9xjwCivWCP-tblk9UqZ5r7Pv58j1pCbwjQzlYygyj9GRKXjBeAhiXd9FtfODn0sA-2JihO3D18uM4809ikFSVLiCDJXkDJLfYhUnwwPTcNqedJzC4J9JzAhCfV-9oo1Gsf-ibzZDO6WiltAf5o5g1JwzBH6ssxBRV6fDU21insnMmQGhn-Vv_15tdHQgKfMZPpmmCwZt21IegHnh_ZrsqGR_8KC3pGFRenoOIqagazE-HN1Z8palBeeJCZaI9hUNyujD_CsQ8Zr9DCtQ9npRz-dWIinMxDzyDuz69dLa-SSxhjAik7VCd93bhrbUF3fgZ7t7qUDcPrxysvcfuEVdoBZuHR7ryTzTMXUj5Iigz5z5_QhD_-c4t7RCbk65WL1Oe7kXBMaIjcRty1VOX-Y2E8UzZIww_tZBT6_T20ceEV-UAC86UIJwsOVUEqN6xfJYawvdQ3NW0O_y43lrWpYd0pUAWPoJjH51nBBerhU324GEytsahI9AdVnE4LXS2ccLaUO9jo-mgVTp3Zn1EbBLNVMP5qn6O0sbyGL06T_z7IvvFkM7yCrxZve-bmN61LomY2TcK22btGgyLi4Ag0ruAP8e-9TSGUOL2_aIn14VUdiIXP3L0XzF1D2t4TUBcuowFvUAV2MmFVpPEibkqLFUdkzSeqof5sJ8_bGujumkxdAR-CGNm81qoxI3jsE9iRQe39OjzLz970FJsGFBkOf796uZmR4BAQkKj7xHPsFdg8iY3a0XqKQp3E9VshHBDaOOiSB2Rx6kLRN71XRmtVnTY8uLbpB_gQHW8Usq-a_zjSt748qDICElR0roP7y45U8HFvs3OHmQ82EipoCwhi8caPOwWZU2LeTXj7lXbrPL46Z6d6jqdp7lpjAdRTRtKEJYpP2F-33NmAk3ZFfAC5IOEbnHMl9t_nzU1FFYvN-5aQTwSsWCUcg1OYpq6N0LpDztK8GsNBa6_5I6WUzslm7HIJpKnEPndtLTLk07isdPLCwRF-msHOnNfR2A1_JNFJtWK-1HUa9VR4j1uOIEZ-oNwhaDhS9lWwBZytsxR7mLlt37klPolhIY6aVNFBwdNQbxK4Aowu7ujRWmLqzCIhquCX9kPjxoJdpPGMPqtR_F426B5sNi8gtqXHtfxGKmJ7XdGVCCm4rVgMZx86Z4nekTu8dKpaqNC1dl8QKG9HSJVqH5udhejutXyW9RI0vX7y1ndLqpYbojZK1zZ1l4Zz1QNjlG4Zne5QfcETRtobyUJBX_ZJVKyCK1flC_MakP-UfGKDhnSP7O7txqyaq5r2vOTaRNUIvs4sZpZOC-347RaFDMInmiCoFm5U5ee_7gec_fRZcnt0&cid=CAQSKQDq26N9TEn4bqrK5A8mAmcfrp3yqdRATveADkf76NWYhKAUDIlicPL0GAEgEw&rfl=5%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2C%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 15:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
74964
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 15:10:26 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221108/r20110914/ Frame 872F 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221108/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cfbe2ai62HdkSqAurSFA4CyQ2aUwEiBie9tin3puJxCp5MFa4_ayV6jjKTc0dkqEnQW2RdQfiXyCuKq_sIlbvrXV44swhsQQkCYI7EP4iA60u4_3PmuEpZo1VlOZMUl5TSzKhAEVVgiwceT5g7WAHo00R0IzkIqrddhzYRUtBA1vrR6F8&cry=1&dbm_d=AKAmf-C1xGSg-SdcqDCAzOBYaGwI7i2_AaGjjL5cN73eVP2aTNOgCLw7QFiOaijodu4BQjf_kRN3O_dYCo3ReJIXUT47gqwoTYkK-FG7NDD25h3G_WwmtpbSYsPQMx_Mf3RWPAubpjCQe5rBtzgNGqZRnUASPuHSlkQ1_Uaq1i9x-sBGg4pgw95iKqbwok6hrG0Q2_xPHKSwSC-4cNZyYmkFriwmbTCxjNYc7xtxO7S9rLLsxxJ_GYduo07xdQZAw_PDDS3Ivh9v3BsCRV2akAL0MNSNZBwFCns8F8HevW3kGC1N85MaO5Xr9mXU9ZuIZbJMKMfO-TMZsqW3xicWokNtdQPqudJOzbQ-9zIyP297sx_g_8FtMyFiPsCMI1h6ObsVmsF5e52QS1NghwUb2p2ATQJFdp5l5FZkvJU0cFFx1xwdfrmVa96lGDyIiHMXctQu4zOr2x5mMR7t90kn6qMNTiXQgbr2i5evedrwPA_pKgF5qvgVor_LxOWpGqpC3Lf-C7ReBqCw__ha4GtFuvAJCTM6FcOWSH400_x8Poj2IvOasHkwZB6prBUBOXs685gc2R_P5IZrVX81XStt5qSQxx9Ix2xbuwt1RUbHOQUOE43TfKLUidWWTb-_9DeHSO9GA-bX0j6gvV86AzMuu4lK-MLGHtLP9t8-QK9RAWzSjzFrPUL0rnCngIRLSyOKej5Yuc5GpEK_Cuj5zRh8G1BhBjyVOOycoWdKkrjMVCiHgPTzIlP8d6ydGY-DtDJOa-xEaWPkUuDBgfDfNKixJmM9Z-bysRHL9OVe5mcgWNQSoTYMCw9jbDL_XBy7mM2iE62WRmdFJsno8T6LqR5I9c7kOxsGMLtfdSVt8Q0g788QUOMVJ1PhzMjIgbEijlU3YDVHzZl5D-iwqM6bgPqV1_bQKdLlG-_u72_p0iss4schGDj0u7mZulmEDn2m3XcVn2WF3NwwX8Qr8A5C_qSXZn-2YcExEvx1j980WajvPDW1lCOe9svowUFBrYRr1pcZxmBtPj2ArIwv3aFgZIqi5XMLOf9EnLjpixcjaF0Z6IuwsNASdFXG4JtLzBM2E6Gvr0lWp_IQOmHM3a4_va-0-FHfh3YKM1n4IU7gSN43UYonOJihWsMdqRBJ3wcaVKrSvAooSMaR-2yftfwjK6trGQtIuglht9l7LhA3B6HQDJYJcsDTC5S4Au_bUESTjPoXHfgSqy1UAkRf5oyQTsdj0rdHOoMh7akF2xF6mNpoN8yRdsBFUARMU65XN7w94EZCqjs9vsabGPCl0xsZ9T3HoaSo0ItFHVXbkPvQRdgbo_QQdzJ2N4uyQoYlMlITimifslJuHda0hrC4Pkfkcnx0y-JGaEmAGGw_184TkysxQmmxLzZk7AaYeGv-efagiwWZ1FmC1mapnF_m6DQ_MfagnJET1eqTLk7_trO0ifQHsAXfOKlDyMwHJk0JuOC0wv1lWq4qhOJZPlDBTosBvsqT8HYrrAPfezdq9Mi4SXFhqW5j13XJ3o5vKa0kNbj6Ba9PtyG4XvQfV76Ay6I9kzSZ0ugRG6kxRK8CtRDzjkreZLwnN65FjQRxwmuqm1dlUthO71UfPRgIkFOhM9XXynw__IwdkOOaeVOsPA5L-PUaYcN46KVkXTYNYh_TyS2le55VmvaWO1O7ascXYDnOH5MGQZIC1FP7GREyctiEvr9PM03gOLgtgw3e6Gjo-ImoWsKtgZvrXqYi7atOeZ_foZZM7ca8vzrE-ojyQJQsDs-k4xnN-Z7fQ14HSK2Seml2VaYYmOj8fpOFIAum9VQuYYygCtqHi6xVjmLhUQp8jNyhBFGL11tga9wSnp91Wcm6jTvlo15Mxnp7ZJK1ZTO9Z3xLUfz1SMmj_5p4bLwHl9jYhVI5uEYWhg-6rZwXA2cYEMRcxqM1Bqk81VooOtnTx4X99tHxdZuIHq9yCv70JIncenyB4FaXsI3oRhq4m8Kmy9IHJehsGzl4zamJk3q41w4ONt99GBnihrPR1An8WVZSCf6uD1nZUy2s1c-Hym1qfuuqc3_98zhNpFdVokZq9jv4WOcjzzKyYwtCmey80TKeNVW7G4JSQzuT4dduJkQ6kZg6cP84uuw8eSM8_3QqvRvb9MXa0MUoyt1l65NHj4xAEPWxx3atr-h1tuybP2r_EkM1K4r_6hoh7Fc_itOKJ8_ZnJed3pl1BPi4uSY5rScaxTcATiSB4Da_wxYo-Ii7gtydKlcq82Qy0vU1s3KJ6JBrjM7-eHWXhuXtznARPtocvvY7Ve7LF9xjwCivWCP-tblk9UqZ5r7Pv58j1pCbwjQzlYygyj9GRKXjBeAhiXd9FtfODn0sA-2JihO3D18uM4809ikFSVLiCDJXkDJLfYhUnwwPTcNqedJzC4J9JzAhCfV-9oo1Gsf-ibzZDO6WiltAf5o5g1JwzBH6ssxBRV6fDU21insnMmQGhn-Vv_15tdHQgKfMZPpmmCwZt21IegHnh_ZrsqGR_8KC3pGFRenoOIqagazE-HN1Z8palBeeJCZaI9hUNyujD_CsQ8Zr9DCtQ9npRz-dWIinMxDzyDuz69dLa-SSxhjAik7VCd93bhrbUF3fgZ7t7qUDcPrxysvcfuEVdoBZuHR7ryTzTMXUj5Iigz5z5_QhD_-c4t7RCbk65WL1Oe7kXBMaIjcRty1VOX-Y2E8UzZIww_tZBT6_T20ceEV-UAC86UIJwsOVUEqN6xfJYawvdQ3NW0O_y43lrWpYd0pUAWPoJjH51nBBerhU324GEytsahI9AdVnE4LXS2ccLaUO9jo-mgVTp3Zn1EbBLNVMP5qn6O0sbyGL06T_z7IvvFkM7yCrxZve-bmN61LomY2TcK22btGgyLi4Ag0ruAP8e-9TSGUOL2_aIn14VUdiIXP3L0XzF1D2t4TUBcuowFvUAV2MmFVpPEibkqLFUdkzSeqof5sJ8_bGujumkxdAR-CGNm81qoxI3jsE9iRQe39OjzLz970FJsGFBkOf796uZmR4BAQkKj7xHPsFdg8iY3a0XqKQp3E9VshHBDaOOiSB2Rx6kLRN71XRmtVnTY8uLbpB_gQHW8Usq-a_zjSt748qDICElR0roP7y45U8HFvs3OHmQ82EipoCwhi8caPOwWZU2LeTXj7lXbrPL46Z6d6jqdp7lpjAdRTRtKEJYpP2F-33NmAk3ZFfAC5IOEbnHMl9t_nzU1FFYvN-5aQTwSsWCUcg1OYpq6N0LpDztK8GsNBa6_5I6WUzslm7HIJpKnEPndtLTLk07isdPLCwRF-msHOnNfR2A1_JNFJtWK-1HUa9VR4j1uOIEZ-oNwhaDhS9lWwBZytsxR7mLlt37klPolhIY6aVNFBwdNQbxK4Aowu7ujRWmLqzCIhquCX9kPjxoJdpPGMPqtR_F426B5sNi8gtqXHtfxGKmJ7XdGVCCm4rVgMZx86Z4nekTu8dKpaqNC1dl8QKG9HSJVqH5udhejutXyW9RI0vX7y1ndLqpYbojZK1zZ1l4Zz1QNjlG4Zne5QfcETRtobyUJBX_ZJVKyCK1flC_MakP-UfGKDhnSP7O7txqyaq5r2vOTaRNUIvs4sZpZOC-347RaFDMInmiCoFm5U5ee_7gec_fRZcnt0&cid=CAQSKQDq26N9TEn4bqrK5A8mAmcfrp3yqdRATveADkf76NWYhKAUDIlicPL0GAEgEw&rfl=5%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2C%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ddd61ecebf36941bd6d1aa20ca07868d826fd9eb6f3a5e660e0afbb703ae6793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 14:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
76210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11141
x-xss-protection
0
server
cafe
etag
7611781198975194673
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 14:49:40 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ED7B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
158692
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 15:54:58 GMT
expires
Wed, 08 Nov 2023 15:54:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame F19E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKAxe8yXg2e2S_qyObQazNQ&google_cver=1&google_push=ASkJ3FYV6UybECwxSnnbrLIZDuCaXlbc3_oMPDNhjLATmwRd15VMwptaU7T4gOgIZ7mgdFMLV10RuxktVRIyAhcLfwJIbTaGX5-_8...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAxe8yXg2e2S_qyObQazNQ&google_cver=1&google_push=ASkJ3FYV6UybECwxSnnbrLIZDuCaXlbc3_oMPDNhjLATmwRd15VMwptaU7T4gOgIZ7mgdFMLV10RuxktVRIyAhcLfwJIbTaGX5-...
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAxe8yXg2e2S_qyObQazNQ&google_cver=1&google_push=ASkJ3FYV6UybECwxSnnbrLIZDuCaXlbc3_oMPDNhjLATmwRd15VMwptaU7T4gOgIZ7mgdFMLV10RuxktVRIyAhcLfwJIbTaGX5-_8tDiNM819EyZFmj7H_BGBNpSqN9LcJxOmQu8loIORdyGJAFimNmrMsc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYV6UybECwxSnnbrLIZDuCaXlbc3_oMPDNhjLATmwRd15VMwptaU7T4gOgIZ7mgdFMLV10RuxktVRIyAhcLfwJIbTaGX5-_8tDiNM819EyZFmj7H_BGBNpSqN9LcJxOmQu8loIORdyGJAFimNmrMsc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H2
Server
104.18.24.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
767e9fd87920ee96-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1423
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAxe8yXg2e2S_qyObQazNQ&google_cver=1&google_push=ASkJ3FYV6UybECwxSnnbrLIZDuCaXlbc3_oMPDNhjLATmwRd15VMwptaU7T4gOgIZ7mgdFMLV10RuxktVRIyAhcLfwJIbTaGX5-_8tDiNM819EyZFmj7H_BGBNpSqN9LcJxOmQu8loIORdyGJAFimNmrMsc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYV6UybECwxSnnbrLIZDuCaXlbc3_oMPDNhjLATmwRd15VMwptaU7T4gOgIZ7mgdFMLV10RuxktVRIyAhcLfwJIbTaGX5-_8tDiNM819EyZFmj7H_BGBNpSqN9LcJxOmQu8loIORdyGJAFimNmrMsc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
767e9fd68f3bee96-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
gdn.socdm.com/rtb/ Frame F19E
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEL-zakWC_edWHs5Fkk1g5A4&google_cver=1&google_push=ASkJ3FYv0K1tV4NVOtwGXZwPJ_mVxaKuasb2ebVJT--oLoF_sHflB4P27aYDMJlJMdlzI...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTJ6bnQ4Q281dWdBQVA1OVJwd0FBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESELnx1uoYl1RD4iXniB_lhjQ&google_cver=1
43 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESELnx1uoYl1RD4iXniB_lhjQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
HTTP/1.1
Server
124.146.215.4 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:52 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESELnx1uoYl1RD4iXniB_lhjQ&google_cver=1","cluster_id":35,"gdpr":false,"ipv4":"116.90.74.196","key":"Y2znt8Co5ugAAP59RpwAAAAA","privacy_sensitive":false,"uid":"Y2znt8Co5ugAAP59RpwAAAAA","upstream_id":"a-ad40123"}
X-SO-Key
Y2znt8Co5ugAAP59RpwAAAAA
X-SO-Upstream-ID
a-ad40123
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40123.dc2p.scaleout.jp
X-SO-UID
Y2znt8Co5ugAAP59RpwAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
116.90.74.196
X-SO-Cluster-ID
35
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
1
X-SO-LB-Hostname
m-ng11.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESELnx1uoYl1RD4iXniB_lhjQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F19E
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEBGEH6bMZjxV_DbrBp2TPv8&google_cver=1&google_push=ASkJ3FZK8GdLUqKWLYVBKz5gpH9q6v3_8_K5JaBa2Nzj2bU5QKmJAOTTSXPvDqGJziX2ILOpKxr28...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FZK8GdLUqKWLYVBKz5gpH9q6v3_8_K5JaBa2Nzj2bU5QKmJAOTTSXPvDqGJziX2ILOpKxr28Qw7uFLQqqeomcnfTsYv79rcOCWmpgO8O6BMyHoqUgqajkWdczPD4h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FZK8GdLUqKWLYVBKz5gpH9q6v3_8_K5JaBa2Nzj2bU5QKmJAOTTSXPvDqGJziX2ILOpKxr28Qw7uFLQqqeomcnfTsYv79rcOCWmpgO8O6BMyHoqUgqajkWdczPD4h42k73plTYlvUhM3fuLZRrWHWc&google_hm=US1xTWhwc3BRcEhXb0VyNldMcDctcEFxNHFr&from_google=sp1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:51 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FZK8GdLUqKWLYVBKz5gpH9q6v3_8_K5JaBa2Nzj2bU5QKmJAOTTSXPvDqGJziX2ILOpKxr28Qw7uFLQqqeomcnfTsYv79rcOCWmpgO8O6BMyHoqUgqajkWdczPD4h42k73plTYlvUhM3fuLZRrWHWc&google_hm=US1xTWhwc3BRcEhXb0VyNldMcDctcEFxNHFr&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame F19E
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEKc7vx2Xf-jSURGIt5N4xAY&google_cver=1&google_push=ASkJ3Fab9YSFt7tQg6vGNKs6w21lgHtMmX1SyEYIpBWkoRZnD-FqPCNxRIhy8ZFI5w-LrY26WOBnX-A2N-EPIusHRXm4LUN56LymL6aE3...
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ASkJ3Fab9YSFt7tQg6vGNKs6w21lgHtMmX1SyEYIpBWkoRZnD-FqPCNxRIhy8ZFI5w-LrY26WOBnX-A2N-EPIusHRXm4LUN56LymL6aE352jnSojStlkyxgvTqHQ7j0e3KJxP7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ASkJ3Fab9YSFt7tQg6vGNKs6w21lgHtMmX1SyEYIpBWkoRZnD-FqPCNxRIhy8ZFI5w-LrY26WOBnX-A2N-EPIusHRXm4LUN56LymL6aE352jnSojStlkyxgvTqHQ7j0e3KJxP7bldInjXY957CpmLZpuwNw&google_hm=NTFPQnhwMDBtQkRHYTAwN1V2dW4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Thu, 10 Nov 2022 11:59:51 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=ASkJ3Fab9YSFt7tQg6vGNKs6w21lgHtMmX1SyEYIpBWkoRZnD-FqPCNxRIhy8ZFI5w-LrY26WOBnX-A2N-EPIusHRXm4LUN56LymL6aE352jnSojStlkyxgvTqHQ7j0e3KJxP7bldInjXY957CpmLZpuwNw&google_hm=NTFPQnhwMDBtQkRHYTAwN1V2dW4
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame F19E
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEGvrIcKp4zjn9iUfzawSysM&google_cver=1&google_push=ASkJ3FbIX-IRQ5zAigu06qji3cr3eo7rpv_9xFXS6qExXRpGNwhOJzaCUHJd81pZR3tviXdAM8dtsuXrAdTzzXWWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FbIX-IRQ5zAigu06qji3cr3eo7rpv_9xFXS6qExXRpGNwhOJzaCUHJd81pZR3tviXdAM8dtsuXrAdTzzXWWGct9Rq9mapKE4dvv3aIt6I8K9UWDxdIsssazbkRHPgU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FbIX-IRQ5zAigu06qji3cr3eo7rpv_9xFXS6qExXRpGNwhOJzaCUHJd81pZR3tviXdAM8dtsuXrAdTzzXWWGct9Rq9mapKE4dvv3aIt6I8K9UWDxdIsssazbkRHPgUqYpp2iePg4JiYUBiz9pgFYg&google_hm=AcJaq9PiakosnHLcgtA6Qrc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FbIX-IRQ5zAigu06qji3cr3eo7rpv_9xFXS6qExXRpGNwhOJzaCUHJd81pZR3tviXdAM8dtsuXrAdTzzXWWGct9Rq9mapKE4dvv3aIt6I8K9UWDxdIsssazbkRHPgUqYpp2iePg4JiYUBiz9pgFYg&google_hm=AcJaq9PiakosnHLcgtA6Qrc
Date
Thu, 10 Nov 2022 11:59:51 GMT
Server
Apache
Connection
keep-alive
Content-Length
285
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame F19E
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMOp_FbrRg5rz7tq5YCMjZU&google_cver=1&google_push=ASkJ3FbmFlx5sB8P_i2pa15G4UP1hnrnGNQ0ec8S3byknD0L-yzgDlUPrbefCVUzX3RvjXKdBFYoez2TN_CNsFmOyIzjZ9pst4P...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbmFlx5sB8P_i2pa15G4UP1hnrnGNQ0ec8S3byknD0L-yzgDlUPrbefCVUzX3RvjXKdBFYoez2TN_CNsFmOyIzjZ9pst4PFijVyCNZbhTE0bZWULQC6FvOxRzUECIG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbmFlx5sB8P_i2pa15G4UP1hnrnGNQ0ec8S3byknD0L-yzgDlUPrbefCVUzX3RvjXKdBFYoez2TN_CNsFmOyIzjZ9pst4PFijVyCNZbhTE0bZWULQC6FvOxRzUECIGG2xjJqnDuncoOWFZCXxLGGRw&google_hm=ZzEwMjE1MzBjY2M3MTk5YjYxN2Y=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbmFlx5sB8P_i2pa15G4UP1hnrnGNQ0ec8S3byknD0L-yzgDlUPrbefCVUzX3RvjXKdBFYoez2TN_CNsFmOyIzjZ9pst4PFijVyCNZbhTE0bZWULQC6FvOxRzUECIGG2xjJqnDuncoOWFZCXxLGGRw&google_hm=ZzEwMjE1MzBjY2M3MTk5YjYxN2Y=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame F19E
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEGysZkhCXRUGS2RVsILLwSs&google_cver=1&google_push=ASkJ3FZ_GT67FSkN8LLetRP-1dzb7StDbTiYp-Lf8n_AHpKhPT9Mn38Vm5wqkfvQ5YRegDi479rMhrPwto3v7wjHuaBNjjW7LqIFqAv2...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FZ_GT67FSkN8LLetRP-1dzb7StDbTiYp-Lf8n_AHpKh...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOLn6TKfm_i7VlViX1WQnXOL4dkGKAsIi8au9YBA&google_push=ASkJ3FZ_GT67FSkN8LLetRP-1dzb7StDbTiYp-Lf8n_AHpKhPT9Mn38Vm5wqkfvQ5YRegDi479rMhrPwto3v7wjHuaBN...
  • https://cm.g.doubleclick.net/pixel?google_hm=8daVGgcg74ew2DpgNgR3&google_push=ASkJ3FZ_GT67FSkN8LLetRP-1dzb7StDbTiYp-Lf8n_AHpKhPT9Mn38Vm5wqkfvQ5YRegDi479rMhrPwto3v7wjHuaBNjjW7LqIFqAv2tWs2z9whH0j-D_m...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=8daVGgcg74ew2DpgNgR3&google_push=ASkJ3FZ_GT67FSkN8LLetRP-1dzb7StDbTiYp-Lf8n_AHpKhPT9Mn38Vm5wqkfvQ5YRegDi479rMhrPwto3v7wjHuaBNjjW7LqIFqAv2tWs2z9whH0j-D_m6R9lKOzqOirxdvXdzbVZYsyPsQWCe7nnjIBUl&google_nid=inmobi_new_eb
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 11:59:53 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=8daVGgcg74ew2DpgNgR3&google_push=ASkJ3FZ_GT67FSkN8LLetRP-1dzb7StDbTiYp-Lf8n_AHpKhPT9Mn38Vm5wqkfvQ5YRegDi479rMhrPwto3v7wjHuaBNjjW7LqIFqAv2tWs2z9whH0j-D_m6R9lKOzqOirxdvXdzbVZYsyPsQWCe7nnjIBUl&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
281
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame F19E 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMjo4_btSJn0mdn80fAzdXRWsGmCYdIf7JutXjXvwQgecYfo1elb5QUeZpcqJMg5QC98Pqgg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 5ED7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110701&jk=1876437168037523&bg=!Hh2lHVnNAAbvMpMzzzI7ACkAdvg8Wig3KvvvuCJZILKzPFGqZFJILGkHU6DIEuk7wuYFjXu3WwrvQAIAAADFUgAAAANoAQeZAr_DHNS1QQ--yQXIsd27re5rtyGBvHr1T9Gwon9JJcO9frPrrzHgMcd3opKDu6cEMKLBuaE-7th6WBt9Se7BDTrj_pDkPnaMeFK4S7rUNtLRxFeN1t0PcC62mQLnchUIbbQ0QsMXRd8glHA9VIzPemfjY3tVgZ8Fof0fhgVr8QXSQtDMj71gsYXpRiU7iXHZWGAX_FwmzYgezmmK7e-CBLcjowpNyGPIHn5TaGCjJKSika4pCPjXMVsZo6wJzAE7Oj4LVFJbWKADMw-epYeCMJHZmmVzwkrkpE_AXJi2u1El9CpxEQFsqCR54mFLcbOcN-E7_HzNKgahXsWTMnMd12VX-NDurBpr4PiZUZvf2wlfZkVmGIRfrYS8M7Ii3dmI6HJJTGwF9sopP0Kgw3z7JcagSVBi8YeyvDxo3EQzCQ4Ky2SpDqvXiF90lSg0s1FZDQb2FpUhm_Kpkjyi_Tpz-WKP3Ids0Pi0cveBYBVUcE7DgvmYH5wMxDiEMm4Oo51F5YC_o1ibStw-polqBFMKXNTAQbsIaHSxj_IrQzhgKFNLCb2GtMvBljTN977UL1UmtM7T4A52aNmNhg7NV6rm1Jiaio_jJglKODlvZLhE9ohyrX5TiU4kVfU7xczQyCmk-6yMSNbX3RMOhqVT-dVM3SBQcNWkr169HybKDU6zlYQ9T_fZK3JX6o3fauMSLoBsTYRPBc4j75Nzbcdm_NR4qgOSdJATZ6pZzCZicwTCYY8uUkSioyLJViZ4dsLelznSiGCbi1ugZKvjzHSYwZhZjR_O4pVqWLJoYpA-mudYdSrtFUb4DEIkuh6Fb7TNewrH4yA8-J_YGP6ij0_WRpFTK6ZuZdsfmD1rh29ZgbfYaN6eRKOEIIcFo18Ud9mDAxPdUMzTFXcCoTjps2TnawKEJQ_DIkgO9Xuu2w-JxJQbtTxE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 11D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110301&jk=1282009759529532&bg=!Tk2lTQnNAAbvMpMzzzI7ACkAdvg8WgerS14Q47eFkhiNTdgRKlispxoUcL9PlaEA-I3X_JCxibdOjQIAAAC1UgAAAAJoAQeZAr5EwIjDbg9rAYn-Btz-4knpYTVwn2uiEW1AJVoDjnCDzFkrEUwRbjZUX4KNOWzrzM8Cl0-i6pyVZd3Xf-ao-bRQ0VV8FdHcGLByNRFIkXk-R5FRZkFOvzYm8-cubp-qv3BX9zeJ8Lr-P_t5G3rTmL97LvpFBEYjpZseDCOEjywIqydm6AgBVPdWuCF-MyS36y8GE-ADtOHIf-Dd5OPB1BxS30RQ6WAM-nGhoUXQi4gY87TQeiwjvqrUOYzSUCz7s77gpJElRsAEdwHGnJg952wps6NlHhK2MMKdc6FAJGIOlPf2xJ0FKYpNNU8YlUDT0tLwdXywOz8tSIfumBaqaNWaCGXj9za4ZuxXWME16SMYIG7ycdO5JQhwphwqy1_klUl8uytVXQAFdP-zILsX4S6cTUWU9Ia-V5IitcGdGekZnIDPZ7nAUrUrzdG_CDb0jKvcnVKJfb5idtZcbLfVmFNqvppDLZmJP1mHnvz4pvcp7pEtNzBzvwvXn-pFTmYlz3_UjgvW0PG20BkHfBl4kXeQEUMQPHUF9o3j61vVpIIhmt4tEkBL481XiaeNSgup2pqRqbkfigIiOfFKy2p0EsWlw_-nc_RtIzKgl8Zvsw956Cu1zpY0eoDWno98ulJOrcB7cEtv7eLR0H5R6kYRYb7PAZCMObvf3Sw0FwIhO3-3JIW3TUlS_W9i2pi0tYwSPWGI9NwS89SLQ2iBdzCVyqoyoNVuDf77lH0_F9Gtg3aixPvB9bZDqzzoXJLYPUqSJ3r8JJ9CL2C-eg9rx6H5bjPPzJ7xszullGxcmJwjTttuZakSR9_8RzSwAOHlKpls8sLu7iDoDSpw8grPT4HQM2_ZPZPyuuIAAf6Qa4uLMBVsQxvtA31wwAqh0vczlV9AIf3Nz7UcZFcC2dhiLA0_aeC2cpQSTM1_HfH9v3lXUJM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 4FFB 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
logo-stacked.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/ Frame 4FFB 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13885821050941341696/logo-stacked.svg
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
3e5596cfb1f92d12c210d363062b7ca07eacaa2840a4c73b095c2e87e652597d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Nov 2022 18:05:24 GMT
age
237266
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2618
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 19:47:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 07 Nov 2023 18:05:24 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame 416C 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCIG04tOdsY8e0IIaSvQSq1rrACtKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKCnxr7QrejPqgDAaoE2AFP0FKmk82LS20KF3dYjXTIBLjeY3lIwXT3M8BOrsWG-AO0mzukNik3dkuHV99gj1BBK5SGbZacKhBic6pNv0zIVHIfu9X8HXIPZhZ6_qIO0fJaElA_1sLA8lM53O49CeFlTqWxnVqyXH8xMDc0XBamAt-bMx6pYnpzLnm3sPZR_lqrvQ2cT1_9rhh4Ot4htpdBYf0XslOh_i-iuE0ZHVwmoQOWsEEqLu597Ru7trgVoXVqXaOGIUBoP5WSCtCOWooHD3UEBpnILnCmy2LddDZyMGuFV4uY0mfABM3vyeyGBOAEA5AGAaAGTYAHuP3U7AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBsBPb6fEQyBO3jKThA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw%26sig%3DAOD64_2x27y4DsoLGq2wE1AeDDaXNhby-Q%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CiNHTL3QoSfzinSV6EWjqbyQ4GKR_W45HH7Oeh0tSShWdYiFUfMufvYIrJF-i9VFAqQOJGUASJcd3hwpTG6vOeNsQr1HJwqkOGPgbcRKTIlIF3C0OXIvQJZMG_jN6gzVzt2Xbjj1RPSKCoBpiZn4oQ_JqYZ5E34VlgI4cKPnmkGPLySMw%26cry%3D1%26dbm_d%3DAKAmf-D2TXzJdoXyRK3vfjX4AMseO5662jf53wI3j5RekBt95xOC9haZqiRX5GkecuyeimU45_dYKmb1EwbUce4PvF_U_j1FR_VwyNnj4s-FUlkx_dGMdRip5lF3VWksSK_e1xvFvlgfbrWVRiE4GhFu1Rkgnt_dY9jhFrXJZU_Fd4IJQSaUK5WBqscbMY-xYCqBZCEO_vUs1YPEVaUQw-_2LhYGNvUTsdFEO04UarLIZZu9oMRMqqSMwQyVIeXQHUo0gOhtOiY1hi1eyqT4m1nJV5Q-eIbwfsIpzXMmwLctCMgIwGcN7naX_N0IqiTUAx4Zf7igyWg1o9ikI0_LjHhwa7kX4Wm7JBZOPXOYX1ypsdXgL2ZxrD4wmZV6PyWQ0AJ85ehRHiEL5BSEEyNQ9IebF8RM-RO2hvuhtOnEAZqIlv_JAf7YQcTMojrmDEVmmrKG6zJ5Btqq-WWuI7yLDZ73Rr_Ewo86yYTv0kKy6SA2KYG5i4qGibie-_NFvTDFwe-1lsqAtJJt4_r7b5cjXOrMZJFF-Sjh5rdU6K3ksf0jyCdZmoU4fudTSchS0bbXoYl3is8R8o5cH2lubOZFyV1pf-cSF9-nkSHLVglnB3WAEaQF5M7bAIrtzHK_Zt1cyGwmOGNHO8A8DHzVUtLM3AZf91f88cdsm6VEISykof2qSdBZfpe4hxs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1668081588531015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Nov 2022 12:13:24 GMT
dyn-hype-multiitem.js
www.adtrek.co/Scripts/Inserts/ Frame 416C 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adtrek.co/Scripts/Inserts/dyn-hype-multiitem.js?v=1-4
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCIG04tOdsY8e0IIaSvQSq1rrACtKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKCnxr7QrejPqgDAaoE2AFP0FKmk82LS20KF3dYjXTIBLjeY3lIwXT3M8BOrsWG-AO0mzukNik3dkuHV99gj1BBK5SGbZacKhBic6pNv0zIVHIfu9X8HXIPZhZ6_qIO0fJaElA_1sLA8lM53O49CeFlTqWxnVqyXH8xMDc0XBamAt-bMx6pYnpzLnm3sPZR_lqrvQ2cT1_9rhh4Ot4htpdBYf0XslOh_i-iuE0ZHVwmoQOWsEEqLu597Ru7trgVoXVqXaOGIUBoP5WSCtCOWooHD3UEBpnILnCmy2LddDZyMGuFV4uY0mfABM3vyeyGBOAEA5AGAaAGTYAHuP3U7AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBsBPb6fEQyBO3jKThA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw%26sig%3DAOD64_2x27y4DsoLGq2wE1AeDDaXNhby-Q%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CiNHTL3QoSfzinSV6EWjqbyQ4GKR_W45HH7Oeh0tSShWdYiFUfMufvYIrJF-i9VFAqQOJGUASJcd3hwpTG6vOeNsQr1HJwqkOGPgbcRKTIlIF3C0OXIvQJZMG_jN6gzVzt2Xbjj1RPSKCoBpiZn4oQ_JqYZ5E34VlgI4cKPnmkGPLySMw%26cry%3D1%26dbm_d%3DAKAmf-D2TXzJdoXyRK3vfjX4AMseO5662jf53wI3j5RekBt95xOC9haZqiRX5GkecuyeimU45_dYKmb1EwbUce4PvF_U_j1FR_VwyNnj4s-FUlkx_dGMdRip5lF3VWksSK_e1xvFvlgfbrWVRiE4GhFu1Rkgnt_dY9jhFrXJZU_Fd4IJQSaUK5WBqscbMY-xYCqBZCEO_vUs1YPEVaUQw-_2LhYGNvUTsdFEO04UarLIZZu9oMRMqqSMwQyVIeXQHUo0gOhtOiY1hi1eyqT4m1nJV5Q-eIbwfsIpzXMmwLctCMgIwGcN7naX_N0IqiTUAx4Zf7igyWg1o9ikI0_LjHhwa7kX4Wm7JBZOPXOYX1ypsdXgL2ZxrD4wmZV6PyWQ0AJ85ehRHiEL5BSEEyNQ9IebF8RM-RO2hvuhtOnEAZqIlv_JAf7YQcTMojrmDEVmmrKG6zJ5Btqq-WWuI7yLDZ73Rr_Ewo86yYTv0kKy6SA2KYG5i4qGibie-_NFvTDFwe-1lsqAtJJt4_r7b5cjXOrMZJFF-Sjh5rdU6K3ksf0jyCdZmoU4fudTSchS0bbXoYl3is8R8o5cH2lubOZFyV1pf-cSF9-nkSHLVglnB3WAEaQF5M7bAIrtzHK_Zt1cyGwmOGNHO8A8DHzVUtLM3AZf91f88cdsm6VEISykof2qSdBZfpe4hxs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1668081588531015
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.237.117.95 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-237-117-95.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f824af6240aaa57ba4104f1969365afa9b6904544545284db4a7469e6a94768a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCIG04tOdsY8e0IIaSvQSq1rrACtKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKCnxr7QrejPqgDAaoE2AFP0FKmk82LS20KF3dYjXTIBLjeY3lIwXT3M8BOrsWG-AO0mzukNik3dkuHV99gj1BBK5SGbZacKhBic6pNv0zIVHIfu9X8HXIPZhZ6_qIO0fJaElA_1sLA8lM53O49CeFlTqWxnVqyXH8xMDc0XBamAt-bMx6pYnpzLnm3sPZR_lqrvQ2cT1_9rhh4Ot4htpdBYf0XslOh_i-iuE0ZHVwmoQOWsEEqLu597Ru7trgVoXVqXaOGIUBoP5WSCtCOWooHD3UEBpnILnCmy2LddDZyMGuFV4uY0mfABM3vyeyGBOAEA5AGAaAGTYAHuP3U7AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBsBPb6fEQyBO3jKThA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw%26sig%3DAOD64_2x27y4DsoLGq2wE1AeDDaXNhby-Q%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CiNHTL3QoSfzinSV6EWjqbyQ4GKR_W45HH7Oeh0tSShWdYiFUfMufvYIrJF-i9VFAqQOJGUASJcd3hwpTG6vOeNsQr1HJwqkOGPgbcRKTIlIF3C0OXIvQJZMG_jN6gzVzt2Xbjj1RPSKCoBpiZn4oQ_JqYZ5E34VlgI4cKPnmkGPLySMw%26cry%3D1%26dbm_d%3DAKAmf-D2TXzJdoXyRK3vfjX4AMseO5662jf53wI3j5RekBt95xOC9haZqiRX5GkecuyeimU45_dYKmb1EwbUce4PvF_U_j1FR_VwyNnj4s-FUlkx_dGMdRip5lF3VWksSK_e1xvFvlgfbrWVRiE4GhFu1Rkgnt_dY9jhFrXJZU_Fd4IJQSaUK5WBqscbMY-xYCqBZCEO_vUs1YPEVaUQw-_2LhYGNvUTsdFEO04UarLIZZu9oMRMqqSMwQyVIeXQHUo0gOhtOiY1hi1eyqT4m1nJV5Q-eIbwfsIpzXMmwLctCMgIwGcN7naX_N0IqiTUAx4Zf7igyWg1o9ikI0_LjHhwa7kX4Wm7JBZOPXOYX1ypsdXgL2ZxrD4wmZV6PyWQ0AJ85ehRHiEL5BSEEyNQ9IebF8RM-RO2hvuhtOnEAZqIlv_JAf7YQcTMojrmDEVmmrKG6zJ5Btqq-WWuI7yLDZ73Rr_Ewo86yYTv0kKy6SA2KYG5i4qGibie-_NFvTDFwe-1lsqAtJJt4_r7b5cjXOrMZJFF-Sjh5rdU6K3ksf0jyCdZmoU4fudTSchS0bbXoYl3is8R8o5cH2lubOZFyV1pf-cSF9-nkSHLVglnB3WAEaQF5M7bAIrtzHK_Zt1cyGwmOGNHO8A8DHzVUtLM3AZf91f88cdsm6VEISykof2qSdBZfpe4hxs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1668081588531015
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Apr 2022 14:29:24 GMT
Server
Microsoft-IIS/8.5
ETag
"0fa1131435ad81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2968
pol.jpg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/pol.jpg
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCIG04tOdsY8e0IIaSvQSq1rrACtKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKCnxr7QrejPqgDAaoE2AFP0FKmk82LS20KF3dYjXTIBLjeY3lIwXT3M8BOrsWG-AO0mzukNik3dkuHV99gj1BBK5SGbZacKhBic6pNv0zIVHIfu9X8HXIPZhZ6_qIO0fJaElA_1sLA8lM53O49CeFlTqWxnVqyXH8xMDc0XBamAt-bMx6pYnpzLnm3sPZR_lqrvQ2cT1_9rhh4Ot4htpdBYf0XslOh_i-iuE0ZHVwmoQOWsEEqLu597Ru7trgVoXVqXaOGIUBoP5WSCtCOWooHD3UEBpnILnCmy2LddDZyMGuFV4uY0mfABM3vyeyGBOAEA5AGAaAGTYAHuP3U7AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBsBPb6fEQyBO3jKThA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw%26sig%3DAOD64_2x27y4DsoLGq2wE1AeDDaXNhby-Q%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CiNHTL3QoSfzinSV6EWjqbyQ4GKR_W45HH7Oeh0tSShWdYiFUfMufvYIrJF-i9VFAqQOJGUASJcd3hwpTG6vOeNsQr1HJwqkOGPgbcRKTIlIF3C0OXIvQJZMG_jN6gzVzt2Xbjj1RPSKCoBpiZn4oQ_JqYZ5E34VlgI4cKPnmkGPLySMw%26cry%3D1%26dbm_d%3DAKAmf-D2TXzJdoXyRK3vfjX4AMseO5662jf53wI3j5RekBt95xOC9haZqiRX5GkecuyeimU45_dYKmb1EwbUce4PvF_U_j1FR_VwyNnj4s-FUlkx_dGMdRip5lF3VWksSK_e1xvFvlgfbrWVRiE4GhFu1Rkgnt_dY9jhFrXJZU_Fd4IJQSaUK5WBqscbMY-xYCqBZCEO_vUs1YPEVaUQw-_2LhYGNvUTsdFEO04UarLIZZu9oMRMqqSMwQyVIeXQHUo0gOhtOiY1hi1eyqT4m1nJV5Q-eIbwfsIpzXMmwLctCMgIwGcN7naX_N0IqiTUAx4Zf7igyWg1o9ikI0_LjHhwa7kX4Wm7JBZOPXOYX1ypsdXgL2ZxrD4wmZV6PyWQ0AJ85ehRHiEL5BSEEyNQ9IebF8RM-RO2hvuhtOnEAZqIlv_JAf7YQcTMojrmDEVmmrKG6zJ5Btqq-WWuI7yLDZ73Rr_Ewo86yYTv0kKy6SA2KYG5i4qGibie-_NFvTDFwe-1lsqAtJJt4_r7b5cjXOrMZJFF-Sjh5rdU6K3ksf0jyCdZmoU4fudTSchS0bbXoYl3is8R8o5cH2lubOZFyV1pf-cSF9-nkSHLVglnB3WAEaQF5M7bAIrtzHK_Zt1cyGwmOGNHO8A8DHzVUtLM3AZf91f88cdsm6VEISykof2qSdBZfpe4hxs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1668081588531015
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
04af379c37398603077d9d44bfccfb4f4fa3cddcd33a3f1629f25c22031a09a6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:24 GMT
Server
AmazonS3
x-amz-request-id
9M346HTGPY2AY2R3
ETag
"51725432a390bdc2beb9923ad23d567f"
x-amz-meta-info
polite loading image
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1569
x-amz-id-2
XY7XQzDfgnQAAWoBHl3QGc70Si4OCIQdZpfYGZowilmtRAPOQsM5S+f6qd30ZsmEydJczu4K9L4=
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 872F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 04:23:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 04:23:22 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FA18 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
79471
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Thu, 10 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 872F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea2baf6565755604335517bd75327839907dd1d8e51d52ecb754ad3b5f8c965b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 91D9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 11:59:50 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 91D9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 11:59:50 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 91D9 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 05 Nov 2023 11:59:50 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 91D9 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 05 Nov 2023 11:59:50 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 91D9 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=J_rQkLab3XxSNKsrIH4S3ZIwYlnLf0kDO5G2DWtMoSvbaYXbuY2QDhihAQM9DsstGu9HHUbl5WUfH9n_rcR74rW76MOhiy38a49uvNi8O2rg4ykdtCw18XVJQdGQqQjoQHkmHLOqjvOeTajMn8uPndYzQNaTG91O75RbJLIDTsyyREM3zl8s0lppaCgzPELbj7zesiWROp3NXSfonLdRXvCZkPp3kdUKvQKVBtjYRp2RurTzlfS0mPa_ZyI0noKdZVMvZ9L4P3NKoulD2PrPMdoc079c_5LVr1peuaFNdpoH1loQToFlo-F3Cb3RQXveNxMGptorwd4Iw06HqzpWlDXmlWCo21HvYwIIswwqDF3yxwliRjmb4S1aMNJxDMddPcGSEYfMFpMMb0vdO0cLBU0xmh-htucn-M-eaVifE6GaTuA6
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1689287
expires
Mon, 26 Jul 1997 05:00:00 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame ED7B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 14:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 14:43:55 GMT
pixel
cm.g.doubleclick.net/ Frame FA18
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECVriGTw6VI_DpXDLSBnnAQ&google_push=ASkJ3FbA9FcOAQMwAyKBlJffeTedvBKFKmYeIiNPzmBM7xwUf18VF6OuUu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECVriGTw6VI_DpXDLSBnnAQ&google_push=ASkJ3FbA9FcOAQMwAyKBlJffeTedvBKFKmYeIiNPzmBM7xwUf18VF6OuUuc8X6HCDkcYSBG3LdDTsNNA1aOqrW0NUN2fGhzNSmBnEB_SJL78xSZi8z9RNnC3tdmZjiuqght7yLW6hBZ0sZaV6bcjqCV8WdU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-mel11237-MEL
pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1668081591.243739,VS0,VE240
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECVriGTw6VI_DpXDLSBnnAQ&google_push=ASkJ3FbA9FcOAQMwAyKBlJffeTedvBKFKmYeIiNPzmBM7xwUf18VF6OuUuc8X6HCDkcYSBG3LdDTsNNA1aOqrW0NUN2fGhzNSmBnEB_SJL78xSZi8z9RNnC3tdmZjiuqght7yLW6hBZ0sZaV6bcjqCV8WdU
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame FA18
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEH19qq_eDb8wx8YBicdQRZU&google_cver=1&google_push=ASkJ3FbACSStV2hweecY7FzmTN0Tq-a9s0W8HX21Kbe2pEBTFVKp4cAnXXQEx7H9XHDKAy_umanuKibHzyc7Lu_EQpLhIH_xEhbupP...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92A6B737A16741888CE33D46A33B58A8&google_push=ASkJ3FbACSStV2hweecY7FzmTN0Tq-a9s0W8HX21Kbe2pEBTFVKp4cAnXXQEx7H9XHDKAy_umanuKibHzyc7Lu_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92A6B737A16741888CE33D46A33B58A8&google_push=ASkJ3FbACSStV2hweecY7FzmTN0Tq-a9s0W8HX21Kbe2pEBTFVKp4cAnXXQEx7H9XHDKAy_umanuKibHzyc7Lu_EQpLhIH_xEhbupPwtcqUxsIBoyOjIK_1LRbdmJbxFBo_Vr7aWnzJ4Cn2reh1zhHHhiaw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92A6B737A16741888CE33D46A33B58A8&google_push=ASkJ3FbACSStV2hweecY7FzmTN0Tq-a9s0W8HX21Kbe2pEBTFVKp4cAnXXQEx7H9XHDKAy_umanuKibHzyc7Lu_EQpLhIH_xEhbupPwtcqUxsIBoyOjIK_1LRbdmJbxFBo_Vr7aWnzJ4Cn2reh1zhHHhiaw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 09 Nov 2022 11:59:51 GMT
pixel
cm.g.doubleclick.net/ Frame FA18
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE6dIyEH7Zl5dpuPJiS1N8w&google_cver=1&google_push=ASkJ3FbsP7bPWyqoZaetdbxX8qbzOWkZmq8j6uC4tJt7mTr5BzXyTQn8i6JuZlkwAZx-aJNimDBB5G6o-QDF_E...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FbsP7bPWyqoZaetdbxX8qbzOWkZmq8j6uC4tJt7mTr5BzXyTQn8i6JuZlkwAZx-aJNimDBB5G6o-QDF_EJqp_ZDVntUBjTAMtqw-26ZCH4dCSYqHurOKxXrC214...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FbsP7bPWyqoZaetdbxX8qbzOWkZmq8j6uC4tJt7mTr5BzXyTQn8i6JuZlkwAZx-aJNimDBB5G6o-QDF_EJqp_ZDVntUBjTAMtqw-26ZCH4dCSYqHurOKxXrC214KVxF4EKIwrcL9cjbzzoOHG5dJw&google_hm=hmNs57ZzdhKWYttoJQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D636CE7B67376129662DB6825BLIS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FbsP7bPWyqoZaetdbxX8qbzOWkZmq8j6uC4tJt7mTr5BzXyTQn8i6JuZlkwAZx-aJNimDBB5G6o-QDF_EJqp_ZDVntUBjTAMtqw-26ZCH4dCSYqHurOKxXrC214KVxF4EKIwrcL9cjbzzoOHG5dJw&google_hm=hmNs57ZzdhKWYttoJQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D636CE7B67376129662DB6825BLIS
date
Thu, 10 Nov 2022 11:59:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame FA18
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPbCNeQip84T7hFaCpdkFmg&google_cver=1&google_push=ASkJ3FZBX-NRaKh0J2wFEYLRUEpACzIBK9JSWlIPa1GetjUWTMn5JvqDnkxvxvq-hfCG6xJbHbrMIUksnY2Ax2H24okMo3a...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZBX-NRaKh0J2wFEYLRUEpACzIBK9JSWlIPa1GetjUWTMn5JvqDnkxvxvq-hfCG6xJbHbrMIUksnY2Ax2H24okMo3aavYcvrNsk_a8waAxVw8KhIoxRAMFx1NLdaFM5x...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZBX-NRaKh0J2wFEYLRUEpACzIBK9JSWlIPa1GetjUWTMn5JvqDnkxvxvq-hfCG6xJbHbrMIUksnY2Ax2H24okMo3aavYcvrNsk_a8waAxVw8KhIoxRAMFx1NLdaFM5xCJM49vDuBE3a8ZMpZRn1Q&google_hm=NTU1ODM5Mjg3Njc5NDY3MzIzMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZBX-NRaKh0J2wFEYLRUEpACzIBK9JSWlIPa1GetjUWTMn5JvqDnkxvxvq-hfCG6xJbHbrMIUksnY2Ax2H24okMo3aavYcvrNsk_a8waAxVw8KhIoxRAMFx1NLdaFM5xCJM49vDuBE3a8ZMpZRn1Q&google_hm=NTU1ODM5Mjg3Njc5NDY3MzIzMw%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame FA18
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFEIEqNlputElwdQ9vQWGMI&google_cver=1&google_push=ASkJ3FaZunRoXuR2Bmsi8SP6Kv7SzLv0Zkhf9zBv7D4bCo-m_lxexOU60kHT_I8VZhO-_LFZu2s3xjgQtHJ9ux6W-ygGFX2CXz...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FaZunRoXuR2Bmsi8SP6Kv7SzLv0Zkhf9zBv7D4bCo-m_lxexOU60kHT_I8VZhO-_LFZu2s3xjgQtHJ9ux6W-ygGFX2CXzR...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE0ODgxMjE5MDE4MTc4NzA1MjYzNg%3D%3D&google_push=ASkJ3FaZunRoXuR2Bmsi8SP6Kv7SzLv0Zkhf9zBv7D4bCo-m_lxexOU6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE0ODgxMjE5MDE4MTc4NzA1MjYzNg%3D%3D&google_push=ASkJ3FaZunRoXuR2Bmsi8SP6Kv7SzLv0Zkhf9zBv7D4bCo-m_lxexOU60kHT_I8VZhO-_LFZu2s3xjgQtHJ9ux6W-ygGFX2CXzRaAQ3GZvMpN8jEoo5yM_JWB-FVBB_21Yi0nP8B-FEkrwOlI73C8ELhZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE0ODgxMjE5MDE4MTc4NzA1MjYzNg%3D%3D&google_push=ASkJ3FaZunRoXuR2Bmsi8SP6Kv7SzLv0Zkhf9zBv7D4bCo-m_lxexOU60kHT_I8VZhO-_LFZu2s3xjgQtHJ9ux6W-ygGFX2CXzRaAQ3GZvMpN8jEoo5yM_JWB-FVBB_21Yi0nP8B-FEkrwOlI73C8ELhZA
date
Thu, 10 Nov 2022 11:59:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame FA18
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEIXo9g2Zut3TPDIIhBiZD90&google_cver=1&google_push=ASkJ3FZ-CGb2JRvkeJLVDk29davsx_l8qywDyiaujsEYnt6LxaamyZE4Maz503Njcy1ButMW7s5kJgVlOSgaPnB66l1o2nZbg...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExMDgzMTkxNzQ0MzY3NjAwMFYxMA%3d%3d&mn_hm=MzExMDgzMTkxNzQ0MzY3NjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZ-CGb2JRvkeJLVDk29davsx_l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExMDgzMTkxNzQ0MzY3NjAwMFYxMA%3d%3d&mn_hm=MzExMDgzMTkxNzQ0MzY3NjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZ-CGb2JRvkeJLVDk29davsx_l8qywDyiaujsEYnt6LxaamyZE4Maz503Njcy1ButMW7s5kJgVlOSgaPnB66l1o2nZbgB-E2_VuA1wLbGAqhYRSGQ8FQED9LRSbWo0lqZ2GLognTESPRN6LDm1GaPk&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:51 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzExMDgzMTkxNzQ0MzY3NjAwMFYxMA%3d%3d&mn_hm=MzExMDgzMTkxNzQ0MzY3NjAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZ-CGb2JRvkeJLVDk29davsx_l8qywDyiaujsEYnt6LxaamyZE4Maz503Njcy1ButMW7s5kJgVlOSgaPnB66l1o2nZbgB-E2_VuA1wLbGAqhYRSGQ8FQED9LRSbWo0lqZ2GLognTESPRN6LDm1GaPk&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Thu, 10 Nov 2022 11:59:51 GMT
pixel
cm.g.doubleclick.net/ Frame FA18
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FYAAmPxEFHkmUZA2ZZebz-CgvXxed6FnNwO...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&&google_push=ASkJ3FYAAmPxEFHkmUZA2ZZebz-CgvXxed6FnNwOkI7QE8FGCPADep92MPRVdeW02EJT7PyewlBAENigf0ITd_WNBZRkd7OqVnErq7GpPAwZfT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&&google_push=ASkJ3FYAAmPxEFHkmUZA2ZZebz-CgvXxed6FnNwOkI7QE8FGCPADep92MPRVdeW02EJT7PyewlBAENigf0ITd_WNBZRkd7OqVnErq7GpPAwZfTG-okb0tBNQxVg9jdRzTkQwfWrctBfj1PVbQt7OkKZ1sf_2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&&google_push=ASkJ3FYAAmPxEFHkmUZA2ZZebz-CgvXxed6FnNwOkI7QE8FGCPADep92MPRVdeW02EJT7PyewlBAENigf0ITd_WNBZRkd7OqVnErq7GpPAwZfTG-okb0tBNQxVg9jdRzTkQwfWrctBfj1PVbQt7OkKZ1sf_2
Date
Thu, 10 Nov 2022 11:59:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame FA18 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0W2UpjUyu__0v75HS_rn047yOPL9CDoafuXs3HT16Wcq4pih-APO8AthxO0rcrZozoanZCA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1702 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
158692
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 15:54:58 GMT
expires
Wed, 08 Nov 2023 15:54:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
animejs.js
static.criteo.net/animejs/ Frame 91D9 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 11:59:51 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=91067&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F91067%2F220923%2F11437229c4eb4efa93eeec1bb01600d7_wechat_image_20201110165504.png&v=3&w=236&s=47Xt8LFlM8fjUdY9uy9joO0L
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4ac691506b5a85346f2528026f76e81e4a116bb10e318910065b1ffac686b3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28047550
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6884
expires
Sun, 01 Oct 2023 02:59:01 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0047992_0.jpeg&v=3&w=800&s=6rOTtx8EeL4jYzeb99oDgd3D&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
d8374bc6600715a545574b616214bcc76cc042df5a50f80a1e30c31c348139c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31529115
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24520
expires
Fri, 10 Nov 2023 10:05:06 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0045659_0.jpeg&v=3&w=800&s=xDFN_eW-mGzpJ6GHU0puH-lM&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
53d4699b215095f0487f97f41944872811301341b6aad368922b12e00c55acf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31529107
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10028
expires
Fri, 10 Nov 2023 10:04:59 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0034576_0.jpeg&v=3&w=800&s=7Sh0r4ChOpIZy95Ms18Ieq04&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b16382f8685a8cdb22fc410b4df0b485ca4f66d6004f8998023b36183be3e0f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28929834
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6646
expires
Wed, 11 Oct 2023 08:03:45 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0038453_0.jpeg&v=3&w=800&s=fKrAxbBWfRFfLtO4kFIHYi2d&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9eaa08418e3a297cbdf61fae0bcba3ac0f9531c44afc283a7da126199394b1af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28920293
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12154
expires
Wed, 11 Oct 2023 05:24:44 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0043935_0.jpeg&v=3&w=800&s=B0ZZro7lD_LifbQOvqNmQllB&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
08f21b415bd9e97d9fbcc9e7c1958b2d9d7a71471e3732fc25f0105f98a1d31c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29420783
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23998
expires
Tue, 17 Oct 2023 00:26:15 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0046730_0.jpeg&v=3&w=800&s=5sGHMcS5JRKJkW5JEM9UjnQF&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9d4ec2fe4054de0bc85f2853bfbe67c2f57775e5508a2dee62fc0cc9e13565f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28814676
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12130
expires
Tue, 10 Oct 2023 00:04:28 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0042434_0.jpeg&v=3&w=800&s=bshqc22HqjOY4CFg4VyUbCih&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
22df71a89a61194292e30547759fa7dd22b7c31e3b4d3b91494480a9b1e545e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28641811
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20188
expires
Sun, 08 Oct 2023 00:03:23 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0030197_0.jpeg&v=3&w=800&s=urLZP_Zt8Z0QACwkIqWzRIMR&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e2c86c0baa1b5d23b94f0d1a632349311c08790bfe692c24903d7d851b8172be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29110660
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
38618
expires
Fri, 13 Oct 2023 10:17:32 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0047710_0.jpeg&v=3&w=800&s=M41QL4bf69M3TYiMRxqWq6Ce&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
25c22eee2c69b4217b055a95f4bead73ec04923e53a7db83d8d435e4cae5a179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31515044
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
68906
expires
Fri, 10 Nov 2023 06:10:36 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0047517_0.jpeg&v=3&w=800&s=x7S_4jrbjN5Sph1Ytc9Bc25B&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4b5fd409ff8de592e62ceb5d7edbb3d0fde10bcc962c215926c26ae56d10e903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29074548
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11662
expires
Fri, 13 Oct 2023 00:15:40 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0045677_0.jpeg&v=3&w=800&s=N8pLMahxDXXLkEfKiFE--wBe&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f2fd7a35949782d3190c8fbbe987487385857a8954d65b5b24db9708865838cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31529105
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19562
expires
Fri, 10 Nov 2023 10:04:57 GMT
img
pix.as.criteo.net/img/ Frame 91D9 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0045502_0.jpeg&v=3&w=800&s=3ioI8elSV8SaJzey9CjLoRRD&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
62fd7e69b709d10b25c2bfedde4cd56d4411868c1e88a385793badca55973cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29274626
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30036
expires
Sun, 15 Oct 2023 07:50:18 GMT
all
csm.as.criteo.net/ Frame 91D9 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=hiV9xyyYSBah6BrTvj0J7W8Dt3G9jeezatLgUxMZQZtggU24LHPrHRmd9sqoB6hhJ4jDE2DTkyNQ4sWjpwVQ-JxuZSyR4746qNfGaKGltsReSdD13wJ2r91Z8anjrg8TqO5LeFx-4wXaZ6boggFBxwxjaVFUSbJhS43mQgiS3WQqTWYMJvnoODBGn9nZhgC4Ws4oh4IFpKv-tRoBnw1_J6mIlBtpU4iaG_PzrleZQa0jzx0kpqzPO_kRN3GSHTywUuTYx6Aa8tQ3gC74&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 11:59:50 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 91D9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 11:59:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 91D9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 11:59:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED7B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFWzWtedsY-iAK8O89QPY9YzwAgAAAAA4AeAEAg&bg=!4-Cl4KTNAAbvMpMzzzI7ACkAdvg8Ws8a6YOK-gGmtIBUQgCH0Sr1eiewYclXYHq3dIklkuIXORQtCgIAAACeUgAAAAJoAQeZAuScjj5CEUIF0cEtmeURPiCCfgRRdDHfsEeA-kBDgFjcge1yWYsVwaAc8oQbc8N4LiKaTltkwnG7-OfPL63w0A1QSXsY48CP7Vjcq2P53RkCzlACW-27diHf9YMXWwmotqw1jD6_AB_-nZwjncRH6ItaP6Z47-X6uq7A3fH4b1DccFG384CJBd_9yKiQTOTQ3ZA3khv4phKLUk-9htmqGexG3MaIRK61cxuSBYTA28-cHHHgASj3lYQ5sG4nh9O2Y3cRnxUJi2b19W4hubM8Klvi7DsHhaL5FPB2GkynDmVjEQzmObvfHxbAsX2wRpxp_-KFA7DfG8VMT-0vdjzHBF8gAbAUxyh1rnEiR2U5IdU2hwrMxufTe2OAPBcqkizt-JRUzofpTg81VKOG1BArOQozNONvi2dOYRTwd-SpvFBEKpTk5Zsuc21OUEWiBj7DsPqxB5XbURISIrYPJ9uoWMGIVo5XSnLE7YltwKB3UJ6xOu8z-rCo5IbjhCi_mApm1lmGuYs8h-LF_4G-JyrQOLtwZbEUzXwGE7wtv5UbnrLa1lMIWRzV7i2ISShdg_lTJ99S5MqGUGIo50u5XbIeqiYgqxBUs0JDGHEPMJs-MYPlLUwLoWuC_wnIg2LD7IwEZJSZ_h2BlKTl7ORRvk83DrtOJnOLXSnxb1XMQ-LV7hgfyy3Khhg-KSOlCA737FbBphG4iKLbK__5azvGHO-_z7obhrL_dUPCNTlAjq5NLoHx5dXF-XIcg468XWecW4SHBA_5zu2jEUM_tucMUMeK7txG2dhf3ZxOt8Z25MYNbUztewIlU2_vMdt7sDKndQ2ekjYRkj6eGxPBbYqVMTWRbZU7c8RgKCv_uhDXRtyBMkz7603bcTkAyg9s-SUuWS9eRc_9DmI_brRN4zY0LQA3ZBNLk1cRcI2gymzs53ntpa04W2nP0pSoiJqa-9ausxheWHwgfToykjsuRucGXValYt-GH7GIqw
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 1702 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 14:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 14:43:55 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 10 Nov 2022 11:59:51 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
220374
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		341 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
621e7a9010633eb161c9b74eadc45bde15f83750588d8c4418e4b54ffe16acad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1401818
expires
0
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
6e5b63ce9670129b72e251f4f9dbe67d87df8cc162c732c985612ff4b8ef1c75

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 10 Dec 2022 11:59:51 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame D3E3 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
473
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
767e9fdc2e12a88e-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 11:59:51 GMT
expires
Thu, 10 Nov 2022 15:59:51 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BC20 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
26261
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 10 Nov 2022 11:59:51 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 28 Oct 2022 06:00:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
35, 31249
X-Served-By
cache-lga13626-LGA, cache-mel11273-MEL
X-Timer
S1668081592.734175,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 5CBB 		533 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3204ab2ad39117e6e6edca4b8cf442aba5bebe84d2551d2b13a0878e904e5c76

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
325
content-type
text/html
date
Thu, 10 Nov 2022 11:59:51 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 4568 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 11:59:52 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame B87D
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
c13dffe4a7ee42eb598e42476ae8148ff7139c789b737501a16701200aaa6233

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 11:59:51 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 10 Nov 2022 11:59:51 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 9F9E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1668081588307
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
5be6d94a1c57ddcf9a15446cb0462d83e6f891adcd37d0c68e063bb736bd986b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1374
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame D6C8 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
63af0192ee2fd131b1b79cf8097cb830e3dc9b29580fb378fa089bf0340adfc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 11:59:52 GMT
expires
Sat, 12 Nov 2022 11:59:52 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame 329A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.109.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-109-114.mad56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
330f76ee720927481e92c4f344a43bdf66af209bb74aad6be1ceaf75092928df

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
38408
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 01:19:45 GMT
etag
W/"3f9fe5e8418a849fb87380af5ee37be6"
last-modified
Tue, 08 Nov 2022 01:16:39 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 e84a6c755668cfbaee2f9aecc0d7ec36.cloudfront.net (CloudFront)
x-amz-cf-id
r3UPM1wyUBTIhAxfeXPlHbjD8_Fvn7ZZCndQouphhpGd5Kc57hcOOA==
x-amz-cf-pop
MAD56-P2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b53fbd2f-551a-488c-a424-2e86d2c8da6f
x-amz-meta-codebuild-content-md5
1392d0a0af229d92a17f00e1ea0d9335
x-amz-meta-codebuild-content-sha256
ebfa1f961263d3afe7dd71dd9b123dfd9a7fb454041f01580b85f67111a14543
x-cache
Hit from cloudfront
shopping
encrypted-tbn0.gstatic.com/ Frame 4FFB 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSptl2HqAlaYXS_6Qs4UfIa5Nz7oWiP4N49Q4IY2IHJQbbFvBZyJxA8U1zlAg&usqp=CAI
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f101.1e100.net
Software
sffe /
Resource Hash
4c64dbc02e2995030212280c7de9d5c748e3239427a5f3fa1b8578f195e47db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 17:58:57 GMT
x-content-type-options
nosniff
age
64854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29208
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 01:34:49 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 09 Nov 2023 17:58:57 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 4FFB 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSZcEWZJK58OpkNfaxtcdYK4Rx42DYVXyT78oh5Rqr6DrTUJlhbFz4rln7Nid4&usqp=CAI
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f102.1e100.net
Software
sffe /
Resource Hash
0ab416c95199e325861b98ac0e2fd955c062d2b3e14eec5c5caffb4cd430c3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 09:25:47 GMT
x-content-type-options
nosniff
age
9244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29809
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 02:04:38 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 10 Nov 2023 09:25:47 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 872F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_JHvIKxy64B26ayr9ibtC8jsSWXJM0geZRuC7FtitJPclfmh9Z_v-6j2PUXpZg1P5JT_mG_Yexxx4ciQr5vSiK72wI9m972QNImEpZJvp5icitLsiVYp3FppjWtblpsehQPvsxZj4YcPNd3ik_7m8A2x5if_WDBmMozn3TjDdsqPTiMEhT7e4B9lWysGH4mCAPCmoyVMy6MmIlMjaokh46nC9xYV1I817j2ABcDAnHSTtL8tFJ69kaEvwlFYkqxluPgR-fu55isA8wFiTibUP4COiva5jla_GrsJCvuUDSmV_TAugd5FrzEgOAIDKNbKtKuUXGcyquo8Umh7UDZ6AEqZmdsDXqxm4v5NkrGaaX0p4Q02L9uZ4IQysNou1pZLuRXEPKoF1jkloqIWmyRpKVmkou3jJ_cAB-HaFHEELmXlVJSQ9HUmHhauPhcmmNS8RC42WPsjbhxkGIosDmqvM9vyetqlgToo5FRd0Hr4B4kRgu4TChx7LRvmi8uHHgo7OSlxwmZPjxiBGtrZ1XzmYtUmMQw3FFq2eAUcmcfGd5zjoSRgZQmzaUwG8_Bxw7rBSnPTwRbDN_IiQDNuSo4cZgXVntjhe5yvDf2-ENY89gP_8P5NCx3dbYX842pDnbGS-t5R1bwh254jyNZaGkDk2cc9BvzTydi91p5WkpTB_A3hBKRNCSzNs5_v-enxRWbeMrnTxbwVjPYtEIs4nANOOEeYIczVWmiiQJ85O1T-TvsEEDiHcBMo-HobNQK8xIC-M4rnyjixt3pmOOMizaX-up9PpTwIMbJDlpLj2zXbcZS_ar1YCQP2wqNe3Hy9Ehp2nSluN87YI6BAuPDt9eToPZ5We4tc-C78HWtxoK_-u-ODaFgeW5bbZIso1q_pu3pNh3lJD0_MVrKzI686bpr4dMbmn523g0illqXVLLcgP2A_pktQ4QxKTmNvBdgT5FlRrIIbd-t7kITV5CP6SWCtABQ_xCDMpbUCMaSwcXcxt6XBjUdUz0FPycI6A9YrquEMSMDRpfTYV2DjFuavmINsVr2LwA2BkgSrCZRCTdsSBXwY4S3zsDM3b8ocasnIkkAZyTyOQtbCcwQECsRIWV0606QWSLLdXvo4WmSEkLsoZUiUm9ZT3-rRShfM&sai=AMfl-YQHZDABWPf-bzMh6dNBgoZQ9feGZVCgfWtrkrZd8FrJ2nsyfZTP08H553SJpjaN1ZKeozuyHhgQU2TbbRWgRoQbu6z09M2xyph2hvI-tSjueJL_24yLEzad8Eq6yEw3Qy673uEUD2z5f5G6TNuOD_OQTDV4jJ4NO9V_xZvPS0_UihtKZK6Rpj7QABtTQKOW0KQESU2KnfuPEY4EbkY&sig=Cg0ArKJSzG2fFUUaUGAQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1056&cbvp=1&cisv=r20221108.66086&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 10 Nov 2022 11:59:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 10 Nov 2022 11:59:52 GMT
3842508833519743812
s0.2mdn.net/simgad/ Frame 872F 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3842508833519743812
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
7509a54fe5d827f469ccfedc968dffe35d21215a8323b4e954948b3fa4e5bace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 07:52:49 GMT
x-content-type-options
nosniff
age
187622
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26622
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 07:52:49 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 4FFB 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRW5sP-8peHozhv9f10gp3p5-dsMAOaWjTtl39hDDB_npW0ZBujcAGnATjKLbc&usqp=CAI
Requested by
Host: de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f102.1e100.net
Software
sffe /
Resource Hash
719ea747db8c1745533e9c64c78c9bf541073487fd61dba1b18c5f16d5f17088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 09:25:47 GMT
x-content-type-options
nosniff
age
9244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40783
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 13:37:31 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 10 Nov 2023 09:25:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1702 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMqNvtudsY5O0BIqeoAPIj4TQDQAAAAA4AeAEAg&bg=!6uml6a3NAAbvMpMzzzI7ACkAdvg8WoVVsKRTK816y4Lbzd-0DgXwr1t_jClTXnU4Mxrw-dbe_Qe3cgIAAABdUgAAAAJoAQcKADnykeygBJqC7_WB5NQ5xb7B2xk7SS4rlbZVEQdvvwmDfW8UXICVccU1RV3SmT7c7DdOd0_flqwqe9aZAzbwm2GErGdsWlGNdKGYHnfiGzBODkTUYp_bV9uj5jdAMDztUYZgh6q6b8NPi7CNGS2dhbH3ERKJdXeRH-CGm7vdgKrgYaaQmVFs5Y0XbsTV0_IeS6q-tLY4cU_imvZn-rTXQsYJa51ohynMwOKDEWPsoTJ3UbzjjmygguK0q1tEAzslYRjg-dq2w88840tBFxGW7Ix4M25Bib5-ie0Nfluk7xwOfVtXpGZcFh3fORf48c7OERHeF5HJaMQCXyxJA14sbobxsYSUP22zYPizg1A-9RpLNbfgW4IponkDcMZwo9yD9KC1zLRRGPsP-SUYwUgXglRTrjxZlbaIDpR5db6_bCY_RXhBGXHgOdju2D7zZTmob_x7qL97qE99bHPYd-Ee-5G25jhZ7VPDoG9EeL8uZ21V-z-G5mn8QmQRt5qt7RHfXBys3-aNnfllkK16gP9Kn2XpxOvZjlx7eBa9_KnxHFr7xKPGVzSZVn2ZS8ZaSepRDZJNsH8maRKjLQjdGFfJpCSJk7GmRJqBwpI5nbbf-R3PkvGbOvszxhqdPv2DceuqVs7Fu57H9sZHBGJuQjmbtkRwbzGn_wudP7lM_UoH0jHFWuhZ1y6OtP2HgJwBEzWj1Ye0k5stRUKTqUtvoglhS1Op_YP7gl1ygXEmUUIKrauWjuKErMUwOLG6zDakovSdqwui-v4g8HqLzJB38j1RWRFQWn_HrSUNVzddRUqkIA18_dvcck1T5Rc9qWDKer3VTp--uzn_THMud2wcgz88Sj92ojdBJE2AXiseAcA0av9bDMT_3XkrIAT2VhJ5FSLgVDtmcPfD5BQOdbptGav_r1b_-t2e8S0_oML2FHeZ0yO2zJSdWgfpCFusdXVcQtVP5nZcCsnHn8JaACBwq5NsE9oZnCRFS71zpEuuMc-ozAVykrVqVUXoqJCdcPEN41ISDZYwojQtGLIfA5OZpZtXsY01hd7ffuby8cZC463nA9zysnCl9PE68wyc4AuzEKcKCNYWHQC1Bi3mVhCsnIZp9rM4uY-umAI1EmBJTN3XvaujFQwlsxq8iiO4G-Ek3GHH3mVBt1waht3noDrSzMl3BcmFVdo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588119&bpp=16&bdt=892&idt=624&shv=r20221108&mjsv=m202211070101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=2&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=625213712&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1476&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070762%2C31070786%2C44775016%2C44777181%2C44778509&oid=2&pvsid=3833204497333993&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4t2tcyl2onnb&btvi=1&fsb=1&dtd=643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5CBB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3086834813664652045&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3086834813664652045&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3086834813664652045&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 5CBB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=24c52c87-2417-7879-f115-7b2f012fb54d&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=24c52c87-2417-7879-f115-7b2f012fb54d&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&ttd_puid=24c52c87-2417-7879-f115-7b2f012fb54d&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&ttd_puid=24c52c87-2417-7879-f115-7b2f012fb54d&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&ttd_puid=24c52c87-2417-7879-f115-7b2f012fb54d&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 5CBB
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2znt8Co5ugAAP59RpwAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2znt8Co5ugAAP59RpwAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 10 Nov 2022 11:59:51 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":35,"gdpr":false,"ipv4":"116.90.74.196","key":"Y2znt8Co5ugAAP59RpwAAAAA","privacy_sensitive":false,"uid":"Y2znt8Co5ugAAP59RpwAAAAA","upstream_id":"a-ad40123"}
X-SO-Key
Y2znt8Co5ugAAP59RpwAAAAA
X-SO-Upstream-ID
a-ad40123
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40123.dc2p.scaleout.jp
X-SO-UID
Y2znt8Co5ugAAP59RpwAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
116.90.74.196
X-SO-Cluster-ID
35
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2znt8Co5ugAAP59RpwAAAAA
Cache-Control
private
X-SO-Ads-Time
4
X-SO-LB-Hostname
a-tgng40017.dc2p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 5CBB
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVXjHOzSOeL3ks8ADv76QE3QyM8AAAGEYWko6A
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVXjHOzSOeL3ks8ADv76QE3QyM8AAAGEYWko6A
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
via
1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVXjHOzSOeL3ks8ADv76QE3QyM8AAAGEYWko6A
cache-control
no-cache
content-length
0
x-amz-cf-id
1QyNVzBZUzI74pOEFwsc6jG9lAsPG-oaixtWBWnZ6C9F0rzIq7cO3A==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 5CBB 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDhhYWZmNGQtZWQ2MC0yNmRkLWU0ZjUtMjE5NmNiY2Q3YjJk
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5CBB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDFjlqrmMEaO_rsOTOkI_F8&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDFjlqrmMEaO_rsOTOkI_F8&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDFjlqrmMEaO_rsOTOkI_F8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 9F9E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 11:59:51 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 11:59:50 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9F9E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 9F9E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5268817596216608719
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5268817596216608719
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 11:59:51 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3b1eee92-404b-415e-bc02-7c3441f212e1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5268817596216608719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9F9E 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=KsfWNq0eKWsQ_q-NtXdkSrv38LGn0-7oklF4tL_ol9k
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9F9E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGFpJr_EvY84Y1jjUU0zYOGOkP-VV0GF6w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGFpJr_EvY84Y1jjUU0zYOGOkP-VV0GF6w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGFpJr_EvY84Y1jjUU0zYOGOkP-VV0GF6w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 9F9E 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
content-length
0
/
onetag-sys.com/match/ Frame 9F9E
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCLjPs5sGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Thu, 10 Nov 2022 11:59:52 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 9F9E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eaQbPb9yXdK4JcpZRPbBxLhCRzf1x5MW5uP0wW42AVs
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eaQbPb9yXdK4JcpZRPbBxLhCRzf1x5MW5uP0wW42AVs
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BP2J00VSJ9GB2P9FHY6Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eaQbPb9yXdK4JcpZRPbBxLhCRzf1x5MW5uP0wW42AVs
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 9F9E 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:16 GMT
content-length
0
/
onetag-sys.com/match/ Frame 9F9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMH1BFQdQGohpwm8tkW6CAs&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMH1BFQdQGohpwm8tkW6CAs&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMH1BFQdQGohpwm8tkW6CAs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 9F9E 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 9F9E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 9F9E 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668081588307
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame E210 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0cf53328e722c6397792a5b5db725ce7416d9e17895a0e457f41c256ad584b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
767e9fdd3f1cfb94-AKL
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 11:59:52 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2yq9VN%2BvVyoo2Oy86YE6mz2ma%2BLCiXOLaW%2FX69zzDhWcvm%2FUkEA1b%2FXd782rsbLTHMPRJRTNyhj79K7w7GH9mmWI9mhbQ%2FkKmD9AbxmufvjYY8Zhtlke3WFgRCHvONaEf%2BWn5iubKgQ%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
xuid
eb2.3lift.com/ Frame B87D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 11:59:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame B87D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk0MTc3NjU3MjE5NzE4NzUwOTQ4OQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B87D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKXOb8d7kZbVKb6fl2QGC0s&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKXOb8d7kZbVKb6fl2QGC0s&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 11:59:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKXOb8d7kZbVKb6fl2QGC0s&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B87D
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk0MTc3NjU3MjE5NzE4NzUwOTQ4OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk0MTc3NjU3MjE5NzE4NzUwOTQ4OQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzk0MTc3NjU3MjE5NzE4NzUwOTQ4OQ%3D%3D
date
Thu, 10 Nov 2022 11:59:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame B87D
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3941776572197187509489&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3941776572197187509489&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a3d9308c-d702-430f-bccc-da6abfdd182b&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a3d9308c-d702-430f-bccc-da6abfdd182b&_noobservation=1&_expected_cookie=044854d...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a3d9308c-d702-430f-bccc-da6abfdd182b&_noobservation=1&_expected_cookie=044854d6e64ba43ed3d2455940739e4e
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.99.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Thu, 10 Nov 2022 11:59:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
767e9fe6deb0a7f5-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a3d9308c-d702-430f-bccc-da6abfdd182b&_noobservation=1&_expected_cookie=044854d6e64ba43ed3d2455940739e4e
date
Thu, 10 Nov 2022 11:59:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
767e9fe52d4ea7f5-SYD
content-length
0
xuid
eb2.3lift.com/ Frame B87D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3941776572197187509489&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d5fd2c13-9351-405b-a8d8-4842d40520de&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=726ed447-99f2-412c-b05e-af3246a31eb6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=726ed447-99f2-412c-b05e-af3246a31eb6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 11:59:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=726ed447-99f2-412c-b05e-af3246a31eb6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 10 Nov 2022 11:59:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame B87D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3941776572197187509489?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rzECfdlE2oSt7m9uD7ZG5bTb9TkfDvnPxJiJ9WzIDg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rzECfdlE2oSt7m9uD7ZG5bTb9TkfDvnPxJiJ9WzIDg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 11:59:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rzECfdlE2oSt7m9uD7ZG5bTb9TkfDvnPxJiJ9WzIDg--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame B87D
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3941776572197187509489
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3941776572197187509489&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3941776572197187509489&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7S9S8HSDHP7NYZ10DAJG
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3941776572197187509489&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame B87D 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3941776572197187509489&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:51 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 55595129AC1E45BAB4076753E06B095A Ref B: SYD03EDGE1416 Ref C: 2022-11-10T11:59:52Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame B87D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5268817596216608719&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5268817596216608719&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 11:59:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 10 Nov 2022 11:59:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b03babd1-e9dc-4d70-b021-96fba4fc6820
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=5268817596216608719&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BC20 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:52 GMT
AN-X-Request-Uuid
ba123ba0-2614-4cf2-ba40-0c5c14eae845
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1A82 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 01:45:16 GMT
x-content-type-options
nosniff
age
209676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 01:45:16 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1A82 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 11:07:40 GMT
x-content-type-options
nosniff
age
521532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 11:07:40 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1A82 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 16:52:01 GMT
x-content-type-options
nosniff
age
241671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 16:52:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1297 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
902f26762d256f720fea716e5230283bafb31ae50b5a7f2309ef0c7160b3912d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12466
x-xss-protection
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 0BCE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668081588&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668081588211&bpp=13&bdt=1116&idt=603&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=363639041706&frm=23&ife=1&pv=1&ga_vid=1833622361.1668081588&ga_sid=1668081589&ga_hid=1496115849&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2943784889&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773614%2C31070722%2C44770880%2C44775016%2C31070369%2C31065825&oid=2&pvsid=2164425293010798&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w0szxnkwwom2&fsb=1&dtd=619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 14:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 14:43:55 GMT
all
csm.as.criteo.net/ Frame 91D9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=hiV9xyyYSBah6BrTvj0J7W8Dt3G9jeezatLgUxMZQZtggU24LHPrHRmd9sqoB6hhJ4jDE2DTkyNQ4sWjpwVQ-JxuZSyR4746qNfGaKGltsReSdD13wJ2r91Z8anjrg8TqO5LeFx-4wXaZ6boggFBxwxjaVFUSbJhS43mQgiS3WQqTWYMJvnoODBGn9nZhgC4Ws4oh4IFpKv-tRoBnw1_J6mIlBtpU4iaG_PzrleZQa0jzx0kpqzPO_kRN3GSHTywUuTYx6Aa8tQ3gC74&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2zntAAIGkkKj0kGAA6rKhLZqZFc6tRkFOtANA&u=%7CHRbaPH6f5d45oAy1h3qDaLcmHnRbQ9a446OnUtxfhwg%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1Tggr41hsii2dYHL6fU9m8luMN66dCpTP3RFN525DY9X-CW85RQNkw1NpGOGSLyOMjhDkydMSDnyzJnM_ro77ki1syb5HUGlX2kft87F6ITv4AtiOVedlepic33HaR0ASZtarqADD-xBy8EgEo4TDYWbYpc3nQkEyRFCEMOTBu_aJI_8Ye__v0HU50g7inVhasXEo-kXgbhBMhtL6tJAH4pZQuuNoz2L-es1CFQwa4uwqdO4OX0XBOHDPw8X4olDHQN0z8SHYSq7UDC-BgvVm9Q0SsuZRAkByDO7efllOopNMNe1lm63U_o4CHkqOnHhmIDBHIXdr8J5fzCRn0bi_yrNrNhpexgrea9SbJJkXH24nwjCmcbGce8kURKtba9E8zZzGrEpTGVFX5Y9-w5Is55QWTaloP1BWIfWwUmNcsViOwSAc9mmyDyrawbBU1JM9glpdKG10j73DGupBQEk8q7ZP7K3eFu1BSwM1lgJwge0UchGfHLr7ieDWd97BeibC7HI5WRA7F56QKLoDWXFMdtDSXGBA3PWz&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCArPvtOdsY8m0IIaSvQSq1rrACpj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAkonjNRviaU-4AIAqAMBqgS0Ak_Qzah5VoYskWPlztLbMhXjFBdsxA0i9LLB9cHd35Kcwk-SwqpzEC8c-7fYvfFsOrjEgBECJDPkF9Y-DJI_UKPcWjc7VccKeuMpZ3stgCXMbbuc2XkRRchVLqIkkM04NvdIgRkfsFim2WKz0uANvG236YGA0J62zeF8OpZZeL5YZ5pMcXvhgPY5xiXPaXkNSzHFxgJqKvQp6euKaj3pnn9BN9RG0YHJgtepE1Yjs6DtIdeDbRuD1o_GOlFR95yD6d0vm_6YZWlRYpuQC_pQmbFpV5ksUID_etsUZIZ6xYxEFJ3NRP0suZ9wq5CP_ED7mXIg4Tnx0pDUnPajbCul05GKcXjEUz1jrb8ckOs2Sz5LOrTborpjO9lnG1Lrp0_EJR-QG736z3yWfkb6C93jEudyQyfX4AQBgAbGleeN3crxqugBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XTBCTk8hgQW34ijV81TFJPwnLmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 11:59:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1297 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 11:59:54 GMT
usync.js
eus.rubiconproject.com/ Frame 4568 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9c04ce2b767d6acaca434f12b6d6486c4339fd21e3c5c883ad83ff2bf2246372

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 03:23:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55430
Connection
keep-alive
Content-Length
9884
Expires
Fri, 11 Nov 2022 03:23:42 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E210
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED9OupTgtWk7fqBkhmkimSU&google_cver=1
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED9OupTgtWk7fqBkhmkimSU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7xVKV1ZbyOt2mg83J%2FRR195vKqMzInxptMiMUqZEY4a%2BDsDv0RKVaGwzNP2ILrArECh3UJQsgjy%2FGFEeuUk9LP0v%2FT599tlBdDxJhLETdds%2BuaLCIJ%2B83h%2FizPfH4OV2l%2FeXdS1M3Hl0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
767e9fe13979fb94-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED9OupTgtWk7fqBkhmkimSU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E210
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1VYMHX9F2X1FGA41DNHE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CNYK5KM36E87EXXET648
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E210
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&expiration=1670673592&gdpr=0&gdpr_consent=
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&expiration=1670673592&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&expiration=1670673592&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame E210
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5268817596216608719
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5268817596216608719
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 10 Nov 2022 11:59:53 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
46d03631-e1a7-4a9f-961c-f2206fff6bb8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5268817596216608719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E210
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=M3T2fVLYPT3xfyum3JlZ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TJTKQZGM...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=M3T2fVLYPT3xfyum3JlZ
0
0
crum
dsum.casalemedia.com/ Frame E210
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5268817596216608719
43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5268817596216608719
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37TC4H%2BejPPKTALNbGb61SQ%2FY3otAiVBTAoYSx1uzN0sTHB7NlWvuH%2BomvYn%2FT%2FAQdwF%2Fa24V4TxhptfxcPXEgxqgrLNikEgi9Sc04o468Pt0Dpw6tHvGGkqWlmxRK1hldgiMSKI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
767e9fe539fcee96-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Thu, 10 Nov 2022 11:59:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3959cca0-9e2a-433d-a63e-d79216a70431
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5268817596216608719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us.php
gu.dyntrk.com/adx/ie/ Frame E210 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.106.69.72 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
rum
dsum-sec.casalemedia.com/ Frame E210
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2zntwAHCQ8i2QAO
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2zntwAHCQ8i2QAO
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mel11237-MEL
pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668081592.350320,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2zntwAHCQ8i2QAO
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame E210 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y2zntpX8d22C7tHk7dTWjAAA%264894
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:52 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
48616
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
767e9fe1fe02aaff-SYD
content-length
43
expires
Fri, 11 Nov 2022 11:59:52 GMT
sync
gum.criteo.com/ Frame D6C8 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
765291
expires
60
usync.html
eus.rubiconproject.com/ Frame A95E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 11:59:53 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 11:59:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame B076
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Drkt%26refUrl%3D%26vid%3D808159223431108319174436760...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110831917443676000V10&type=rkt&refUrl=&vid=80815922343110831917443676000V10&ovsid=1972928490934502827
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3110831917443676000V10&type=rkt&refUrl=&vid=80815922343110831917443676000V10&ovsid=1972928490934502827
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Thu, 10 Nov 2022 11:59:54 GMT
expires
Thu, 10 Nov 2022 11:59:54 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 10 Nov 2022 11:59:53 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3110831917443676000V10&type=rkt&refUrl=&vid=80815922343110831917443676000V10&ovsid=1972928490934502827
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C38E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92661
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 11:59:52 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 11 Nov 2022 13:44:13 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame D6C8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dapx%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=apx&refUrl=&vid=80815922343110831917443676000V10&ovsid=5268817596216608719
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=apx&refUrl=&vid=80815922343110831917443676000V10&ovsid=5268817596216608719
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 11:59:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 11:59:52 GMT

Redirect headers

Date
Thu, 10 Nov 2022 11:59:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bbd5c4db-c36b-421a-bb68-0e0e9e373230
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=apx&refUrl=&vid=80815922343110831917443676000V10&ovsid=5268817596216608719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame D6C8
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110831917443676...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110831917443676000V10&type=opx&refUrl=&vid=80815922343110831917443676000V10&ovsid=ece94518-8f17-4299-925a-0541b3c02791
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3110831917443676000V10&type=opx&refUrl=&vid=80815922343110831917443676000V10&ovsid=ece94518-8f17-4299-925a-0541b3c02791
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 11:59:52 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 11:59:52 GMT

Redirect headers

date
Thu, 10 Nov 2022 11:59:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3110831917443676000V10&type=opx&refUrl=&vid=80815922343110831917443676000V10&ovsid=ece94518-8f17-4299-925a-0541b3c02791
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame D6C8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dmma%26refUrl%3D%26vid%3D808159223431108319174436...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=mma&refUrl=&vid=80815922343110831917443676000V10&ovsid=9fec636c-e7b6-4900-95eb-292c64b1d1d7
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=mma&refUrl=&vid=80815922343110831917443676000V10&ovsid=9fec636c-e7b6-4900-95eb-292c64b1d1d7
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 11:59:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 11:59:52 GMT

Redirect headers

Date
Thu, 10 Nov 2022 11:59:52 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=mma&refUrl=&vid=80815922343110831917443676000V10&ovsid=9fec636c-e7b6-4900-95eb-292c64b1d1d7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 11:59:51 GMT
RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
sync.targeting.unrulymedia.com/csync/ Frame D6C8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dr1%26refUrl%3D%26vid%3D80815922343110831917...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dr1%26refUrl%3D%26vid%3D80815922343110...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=226185385
  • https://sync.1rx.io/usersync/tradedesk/86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
  • https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dr1%2...
0
0
cksync.php
contextual.media.net/ Frame D6C8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80815922343110831917443...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80815922343110831...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=dxu&refUrl=&vid=80815922343110831917443676000V10&ovsid=S4TmoWoO1OT6dP5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=dxu&refUrl=&vid=80815922343110831917443676000V10&ovsid=S4TmoWoO1OT6dP5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 11:59:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 11:59:53 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0be4466892d3f37f0@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=dxu&refUrl=&vid=80815922343110831917443676000V10&ovsid=S4TmoWoO1OT6dP5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame D6C8 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
282056
expires
Thu, 10 Nov 2022 00:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame D6C8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=726ed447-99f2-412c-b05e-af3246a31eb6&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522238326756569765&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522238326756569765&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=755914e5-0f48-4956-8b26-13cf51e1f6b0&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522238326756569765&ssp=medianet&gdpr=0&gdpr_consent=
0
0
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame D6C8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dzem%26refUrl%3D%26vid%3D80815922343110831917443676...
  • https://stags.bluekai.com/site/23178?id=QQl5j8PC9D2QFXCkfpjq&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKRKFWDK2RYKBBTSRBSKFDFQQ3LMZYGU...
0
0
cksync.php
contextual.media.net/ Frame D6C8
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3110831917443676000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3110831917443676000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=fd967afe-d045-48c6-92de-17bc98f44411&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=fd967afe-d045-48c6-92de-17bc98f44411&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 11:59:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 11:59:54 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=fd967afe-d045-48c6-92de-17bc98f44411&cs=1
Date
Thu, 10 Nov 2022 11:59:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame D6C8 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Demx%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.238.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-238-86.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame D6C8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:52 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Thu, 10 Nov 2022 11:59:52 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
sodar
pagead2.googlesyndication.com/getconfig/ Frame 598E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9adf576ddd0442b6a67f51585018b423f7548df921fee9591b06f76b453593bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12513
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 872F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_JHvIKxy64B26ayr9ibtC8jsSWXJM0geZRuC7FtitJPclfmh9Z_v-6j2PUXpZg1P5JT_mG_Yexxx4ciQr5vSiK72wI9m972QNImEpZJvp5icitLsiVYp3FppjWtblpsehQPvsxZj4YcPNd3ik_7m8A2x5if_WDBmMozn3TjDdsqPTiMEhT7e4B9lWysGH4mCAPCmoyVMy6MmIlMjaokh46nC9xYV1I817j2ABcDAnHSTtL8tFJ69kaEvwlFYkqxluPgR-fu55isA8wFiTibUP4COiva5jla_GrsJCvuUDSmV_TAugd5FrzEgOAIDKNbKtKuUXGcyquo8Umh7UDZ6AEqZmdsDXqxm4v5NkrGaaX0p4Q02L9uZ4IQysNou1pZLuRXEPKoF1jkloqIWmyRpKVmkou3jJ_cAB-HaFHEELmXlVJSQ9HUmHhauPhcmmNS8RC42WPsjbhxkGIosDmqvM9vyetqlgToo5FRd0Hr4B4kRgu4TChx7LRvmi8uHHgo7OSlxwmZPjxiBGtrZ1XzmYtUmMQw3FFq2eAUcmcfGd5zjoSRgZQmzaUwG8_Bxw7rBSnPTwRbDN_IiQDNuSo4cZgXVntjhe5yvDf2-ENY89gP_8P5NCx3dbYX842pDnbGS-t5R1bwh254jyNZaGkDk2cc9BvzTydi91p5WkpTB_A3hBKRNCSzNs5_v-enxRWbeMrnTxbwVjPYtEIs4nANOOEeYIczVWmiiQJ85O1T-TvsEEDiHcBMo-HobNQK8xIC-M4rnyjixt3pmOOMizaX-up9PpTwIMbJDlpLj2zXbcZS_ar1YCQP2wqNe3Hy9Ehp2nSluN87YI6BAuPDt9eToPZ5We4tc-C78HWtxoK_-u-ODaFgeW5bbZIso1q_pu3pNh3lJD0_MVrKzI686bpr4dMbmn523g0illqXVLLcgP2A_pktQ4QxKTmNvBdgT5FlRrIIbd-t7kITV5CP6SWCtABQ_xCDMpbUCMaSwcXcxt6XBjUdUz0FPycI6A9YrquEMSMDRpfTYV2DjFuavmINsVr2LwA2BkgSrCZRCTdsSBXwY4S3zsDM3b8ocasnIkkAZyTyOQtbCcwQECsRIWV0606QWSLLdXvo4WmSEkLsoZUiUm9ZT3-rRShfM&sai=AMfl-YQHZDABWPf-bzMh6dNBgoZQ9feGZVCgfWtrkrZd8FrJ2nsyfZTP08H553SJpjaN1ZKeozuyHhgQU2TbbRWgRoQbu6z09M2xyph2hvI-tSjueJL_24yLEzad8Eq6yEw3Qy673uEUD2z5f5G6TNuOD_OQTDV4jJ4NO9V_xZvPS0_UihtKZK6Rpj7QABtTQKOW0KQESU2KnfuPEY4EbkY&sig=Cg0ArKJSzG2fFUUaUGAQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1911&vt=11&dtpt=855&dett=3&cstd=1911&cisv=r20221108.66086&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 10 Nov 2022 11:59:52 GMT
index.html
s0.2mdn.net/sadbundle/11279563131162724535/ Frame B52B 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
c699dae460d201dbfdf3a850a83c2cd9c41d0eb96873bdefe263808f531794d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
134938
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3551
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 22:30:54 GMT
expires
Wed, 08 Nov 2023 22:30:54 GMT
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6D95 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuk_1dF2tOCz9ZIkWKW-FNdjoQihwBabIDtRCwnqChiClv7vXdnVeaS7dcGzrog8IJ7Sh0-barzM3zku2JT6uwrwKqvZiqkbqC9Iy1Hcm0ddn39M0WNEwwtfLAeigkP-i-xBug&sai=AMfl-YSsPLAZgUl7wSReWDn_FNmqqj-YD0Zjg69bOyllO4xDGGrkJsKVZVnJIv3c4vf2Zmexzav1x2nJF_93Im-seS_eu4Z3qM5boWLz_Rc8CLAG3YAjmorHjD30acpncw&sig=Cg0ArKJSzON35ClSGESFEAE&cid=CAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw&id=lidar2&mcvt=1000&p=60,450,314,750&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668081589022&rpt=2358&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
s0.2mdn.net/sadbundle/11279563131162724535/ Frame B52B 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
01b4f51cb4adacf39e490eb0b247798243ec108fe29d41f9858ddbdd40a7452a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134937
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16328
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 22:30:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 598E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211070101/show_ads_impl_fy2021.js?bust=31070786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 11:59:54 GMT
pixel
cm.g.doubleclick.net/ Frame 4568
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCMFBJRUYtMU8tTFE0RA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCMFBJRUYtMU8tTFE0RA==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCMFBJRUYtMU8tTFE0RA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4568
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAYMdpTumuSa0lSlg9R4--Q&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAYMdpTumuSa0lSlg9R4--Q&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAYMdpTumuSa0lSlg9R4--Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4568
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwYmFmYjUwNmQ0NTlmZGQyNDBiNDE5ZDUyMmUwYzgxNTc1ZTJmOA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwYmFmYjUwNmQ0NTlmZGQyNDBiNDE5ZDUyMmUwYzgxNTc1ZTJmOA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwYmFmYjUwNmQ0NTlmZGQyNDBiNDE5ZDUyMmUwYzgxNTc1ZTJmOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 4568
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAB0PIEF-1O-LQ4D
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAB0PIEF-1O-LQ4D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 28080CDB8EB340DC8A2C1F302FD80D1A Ref B: SYD03EDGE0707 Ref C: 2022-11-10T11:59:53Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtHILY4/cEOeTQlFLv0Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAB0PIEF-1O-LQ4D
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4568
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/UTW7Luge3__gnX1IkzRGRsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5558392876794673233
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5558392876794673233
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 10 Nov 2022 11:59:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5558392876794673233
content-length
0
token
pixel.rubiconproject.com/ Frame 4568
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-Mc76GyKTgOjOYtNPtiblA&rk=usync-other
0
0
ecm3
s.amazon-adsystem.com/ Frame 4568
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MFOOH1ibRN6lHH6ujMypIA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MFOOH1ibRN6lHH6ujMypIA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MFOOH1ibRN6lHH6ujMypIA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FYX7BVKHV5PY86XFD01C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MFOOH1ibRN6lHH6ujMypIA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4568
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
13926
g2.gumgum.com/usync/ Frame 55A4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.244.105 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-244-105.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
452a447ab582c697f34c330864a68dc1cde9a8c096cb4658bf8c871d95bccd47

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 10 Nov 2022 11:59:53 GMT
etag
W/"03e9d8f808e2b88c17463841657c8a7b7"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 95E6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
5354c8c5c5e721837aa49b055959d9b0dbd2c04d2f367dd512f267401538e472
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1398
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame B462 		864 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
5255712642442166414e4cfc6182afcd7bd0ba36f38c467b50b5f572cfc01e6a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
864
content-type
text/html
date
Thu, 10 Nov 2022 11:59:52 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F060 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c9266540fa62d3de329b74fe53d3c4d3c9e40eb1c504f8841d8bf12bd4091e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
767e9fe22a08fb94-AKL
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 11:59:52 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLI2%2F5UfYBn1dliKI8Ml1a469%2B5Z3n7XgjWOaNtWA3kABrRPyE0DEBMGvVVYDC7tvxZylqttT5d0ClbgnZj4C7SnlhFROv2R61Y%2B6IiSFdlni4gZ65UrGLPRWEwzymKnb0P0FrF4sp6PLg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0706
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 11:59:53 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 11:59:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8DB6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92661
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 11:59:52 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 11 Nov 2022 13:44:13 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 329A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=5268817596216608719
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5268817596216608719
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Thu, 10 Nov 2022 11:59:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cf720293-701c-4f00-b606-dbebe9ce1565
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=5268817596216608719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 329A
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FoLPERZHj52U3WTTTNanIO2H
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FoLPERZHj52U3WTTTNanIO2H
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FoLPERZHj52U3WTTTNanIO2H
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 329A
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FoLPDLZH3bsTBgKSQQuqr85R
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FoLPDLZH3bsTBgKSQQuqr85R
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Thu, 10 Nov 2022 11:59:53 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FoLPDLZH3bsTBgKSQQuqr85R
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
sync.targeting.unrulymedia.com/csync/ Frame 329A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668081593145
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3323676669
  • https://sync.1rx.io/usersync/tradedesk/86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
  • https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dr1%2...
0
0
sync
ads.servenobid.com/ Frame 329A
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1917759394694553746
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1917759394694553746
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1917759394694553746
Date
Thu, 10 Nov 2022 11:59:53 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 329A 		0
0
getuid
eb2.3lift.com/ Frame 329A
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3866%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D22d39604-5410-4628-b3e4-bafb6793a5fd%26bidder%3Dappnexus%26cbx%3...
  • https://prebid.a-mo.net/cchain/0/3866?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=22d39604-5410-4628-b3e4-bafb6793a5fd&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&...
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3866%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D22d39604-5410-4628-b3e4-bafb6793a5fd%26bidder%3Dtriplelif...
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3866%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D22d39604-5410-4628-b3e4-bafb6793a5fd%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3866%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D22d39604-5410-4628-b3e4-bafb6793a5fd%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
date
Thu, 10 Nov 2022 11:59:53 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 329A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
date
Thu, 10 Nov 2022 11:59:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
22053
prebid.a-mo.net/cchain/1/ Frame 329A
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUqU2h0dHBzOi8vYWRz...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F22053%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D22d396...
  • https://prebid.a-mo.net/cchain/1/22053?gdpr=0&gdpr_consent=&us_privacy=&A=22d39604-5410-4628-b3e4-bafb6793a5fd&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6W...
0
0
sync
ads.servenobid.com/ Frame 329A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
date
Thu, 10 Nov 2022 11:59:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
activeview
pagead2.googlesyndication.com/pcs/ Frame EB8A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOSxMXTRFbOpY_PvQj8uIKwRa2kY4WGkLNnQzeTb4Nion2tZiH1j3GW3OAJURx7UML_lOv0tUKgPoK2ZKdMqFCYJje&sig=Cg0ArKJSzMt1-NY7qu8sEAE&cid=CAASFeRouCDjCu1zaqmk_BgEK6GMtxQyOQ&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668081589059&rpt=2690&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A65F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth46TNBKO8-2Qlnhj--T_rbUdN1fwmXHPAbn2BZ29vJGs0a7WpUE-iZGtZot9uC9zHXt1ijB2WLk5VpDnqdV4P_Ei4CIHk9iNyN3o3-DAia6goGy1k6F35FOURxBez8U6WpYA&sai=AMfl-YTPTrSXZHrArUcEhhCI7cVyMFs_g4Vmsfj2CTHRJa4DADBbvjYv47geftk3Gxqj1bupx1au_G-dUzxXUlHVD_DOfxS8ld6HQx8uerlgm_pxbLQlE9Sr8L0gGmEOLg&sig=Cg0ArKJSzB7cgeKd_4SmEAE&cid=CAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw&id=lidar2&mcvt=1004&p=1110,436,1200,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668081589052&rpt=2681&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
63464a0721a1851b79d844e2e2413b78.jpg
s0.2mdn.net/sadbundle/11279563131162724535/media/ Frame B52B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/media/63464a0721a1851b79d844e2e2413b78.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
64ee123f451321843d5f59ffd8859851b94703f219cf64708becea73171e7d25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:30:55 GMT
x-content-type-options
nosniff
age
134937
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26265
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 22:30:55 GMT
0dace56df84f76cd75a49561faa7141b.jpg
s0.2mdn.net/sadbundle/11279563131162724535/media/ Frame B52B 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/media/0dace56df84f76cd75a49561faa7141b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
2a0031d8e25051911b2fd368ca9766d16c003b8ed9f55a18a6d9a82b5f5c255c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:30:55 GMT
x-content-type-options
nosniff
age
134937
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24070
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 22:30:55 GMT
13d16310de2f9fe80c2a2d57a1db6082.jpg
s0.2mdn.net/sadbundle/11279563131162724535/media/ Frame B52B 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/media/13d16310de2f9fe80c2a2d57a1db6082.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
32ed70d61b938655576f2f31d071f9718cc672efbb416ba69bb30f24eaf5ce9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:30:55 GMT
x-content-type-options
nosniff
age
134937
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19135
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 22:30:55 GMT
aaac52e52237af1ebf671778d845534e.jpg
s0.2mdn.net/sadbundle/11279563131162724535/media/ Frame B52B 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/media/aaac52e52237af1ebf671778d845534e.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
ef23419b29829ad26bdbac33b6da62422531609065cee2adc0a8d17a001f0393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:42:27 GMT
x-content-type-options
nosniff
age
134245
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30242
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 22:42:27 GMT
b0d817eda60f9a21c106ee2f1dcf38ca.jpg
s0.2mdn.net/sadbundle/11279563131162724535/media/ Frame B52B 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/media/b0d817eda60f9a21c106ee2f1dcf38ca.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
fd2e64384d5cc71927cf81f5573a619ed7ca3a09864a1b8ac9167bbe2b1f6f0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 22:30:56 GMT
x-content-type-options
nosniff
age
134936
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20825
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 22:30:56 GMT
async_usersync
ib.adnxs.com/ Frame BC20 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
AN-X-Request-Uuid
b850a66b-828d-4fc6-9f4a-7120b22f1e3a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A82 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKj6f-sa_ozDWK0vTJcHfzHwmFCSH3gOVASStKJiYdsqSEK3xdOywrpOOPQrZpjdbVzj9f2Wqipo_EmNnf0c0QPON-y0mLH2D4r5MH_kJ5vB0Z2k0CV5DrIg_GRyFbV4-m9OE&sai=AMfl-YSTnYo8TGRLKZY6h90Uul4CBRr2VwA5khHSE5n9dsmOxPzcxpWS6bTBVFaA_R4_cbuYemFNjHvpeP-UTp3kbjkJrR7D2YCb3yA8_w&sig=Cg0ArKJSzFAsCtakJOi4EAE&cid=CAQSKQDq26N9jxlhRzZBG-eiRbIllhNhCHZTvvescksX7wrg_hZu7cZqQfUSGAEgEw&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2844491747&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668081588832&rpt=3038&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F060 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.186.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-186-111.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F060
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
13.229.186.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-186-111.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB
date
Thu, 10 Nov 2022 11:59:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame F060
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAOVRk7G2c8AACFDjQ7ocA&expiration=1669291194
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAOVRk7G2c8AACFDjQ7ocA&expiration=1669291194
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAOVRk7G2c8AACFDjQ7ocA&expiration=1669291194
Date
Thu, 10 Nov 2022 11:59:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame F060
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fec636c-e7b6-4900-95eb-292c64b1d1d7
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fec636c-e7b6-4900-95eb-292c64b1d1d7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 10 Nov 2022 11:59:53 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x2 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9fec636c-e7b6-4900-95eb-292c64b1d1d7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 11:59:52 GMT
rum
dsum-sec.casalemedia.com/ Frame F060
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=TEss4x9PeLNXHHm0H0834UNAeeNXGy25Hx7dbk1v
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=TEss4x9PeLNXHHm0H0834UNAeeNXGy25Hx7dbk1v
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=TEss4x9PeLNXHHm0H0834UNAeeNXGy25Hx7dbk1v
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F060
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3086834813664652045
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3086834813664652045
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3086834813664652045
pragma
no-cache
date
Thu, 10 Nov 2022 11:59:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame F060
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=085b220419038e9163f4f0cb&expiration=[EXPIRATION]
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=085b220419038e9163f4f0cb&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=085b220419038e9163f4f0cb&expiration=[EXPIRATION]
date
Thu, 10 Nov 2022 11:59:54 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
dcm
s.amazon-adsystem.com/ Frame F060
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C63QS4K4HDJG56HKVXNZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W82PK08YDWRY22VY10ZZ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.servenobid.com/ Frame F060 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame 95E6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGFpK3oBvIlqBfqMeqUoqStqSPdgASIv9w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGFpK3oBvIlqBfqMeqUoqStqSPdgASIv9w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGFpK3oBvIlqBfqMeqUoqStqSPdgASIv9w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 95E6 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame 95E6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 11:59:53 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x8 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 11:59:52 GMT
/
onetag-sys.com/match/ Frame 95E6
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LAB0PIEF-1O-LQ4D&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LAB0PIEF-1O-LQ4D&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LAB0PIEF-1O-LQ4D&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
/
onetag-sys.com/match/ Frame 95E6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5268817596216608719
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5268817596216608719
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 11:59:53 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
044909a4-a66b-4890-945b-6a23428f77a0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5268817596216608719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 95E6 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=eaQbPb9yXdK4JcpZRPbBxLhCRzf1x5MW5uP0wW42AVs
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 95E6
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=5311625886874947398
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=5311625886874947398
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=5311625886874947398
date
Thu, 10 Nov 2022 11:59:52 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 95E6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zsqQdgl_mdZeUD76_aPH-BVLBHFd7pYzsM0ipUWMmNg
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zsqQdgl_mdZeUD76_aPH-BVLBHFd7pYzsM0ipUWMmNg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YM6W9MMZP2ZF5X3365ZT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=zsqQdgl_mdZeUD76_aPH-BVLBHFd7pYzsM0ipUWMmNg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 95E6
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUI4OUEzRDEtRjREOC00NzgwLTlGRUItRDU1MzI1MUI2ODQ4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
0
0
/
onetag-sys.com/match/ Frame 95E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMH1BFQdQGohpwm8tkW6CAs&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMH1BFQdQGohpwm8tkW6CAs&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMH1BFQdQGohpwm8tkW6CAs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 95E6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
date
Thu, 10 Nov 2022 11:59:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 95E6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
um
sync.teads.tv/ Frame 95E6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=726ed447-99f2-412c-b05e-af3246a31eb6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171249737&expires=5
  • https://sync.teads.tv/um?eid=20&uid=726ed447-99f2-412c-b05e-af3246a31eb6&gdpr=&gdpr_consent=&us_privacy=
0
0
sync
ads.servenobid.com/ Frame 95E6 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=eaQbPb9yXdK4JcpZRPbBxLhCRzf1x5MW5uP0wW42AVs
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C38E 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84011269&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
329207b92af69436ae27bd18018708800f455ee6ceb825411c86a3c659975c05

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 11:59:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame B462 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=81553157229072134&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame B462
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=9geUITQ3mV6RMiyD66rOsdVyA
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=9geUITQ3mV6RMiyD66rOsdVyA
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 10 Nov 2022 11:59:54 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Thu, 10 Nov 2022 11:59:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=9geUITQ3mV6RMiyD66rOsdVyA
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame B462
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=IZVa23vh6Ef2RuPAQcOj&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
0
0
/
rtb-csync.smartadserver.com/redir/ Frame B462
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=ODE1NTMxNTcyMjkwNzIxMzQ=&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEB1uJnKwQo46u-2IA0s3170&gdpr=0&gdpr_consent=&google_cver=1
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEB1uJnKwQo46u-2IA0s3170&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 10 Nov 2022 11:59:54 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEB1uJnKwQo46u-2IA0s3170&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame B462
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=gNv5RdPfrRWbjKwS09_iR4_QrEWbi_gf044ZX_97
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=gNv5RdPfrRWbjKwS09_iR4_QrEWbi_gf044ZX_97
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=gNv5RdPfrRWbjKwS09_iR4_QrEWbi_gf044ZX_97
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A95E 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9c04ce2b767d6acaca434f12b6d6486c4339fd21e3c5c883ad83ff2bf2246372

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 03:23:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55429
Connection
keep-alive
Content-Length
9884
Expires
Fri, 11 Nov 2022 03:23:42 GMT
usync.js
eus.rubiconproject.com/ Frame 0706 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9c04ce2b767d6acaca434f12b6d6486c4339fd21e3c5c883ad83ff2bf2246372

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 03:23:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55429
Connection
keep-alive
Content-Length
9884
Expires
Fri, 11 Nov 2022 03:23:42 GMT
usersync
usersync.gumgum.com/ Frame 55A4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5268817596216608719
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5268817596216608719
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Thu, 10 Nov 2022 11:59:53 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
17bfb43a-3ace-46c1-82dd-6360ace3746c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=5268817596216608719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
pool.admedo.com/ul_cb/ Frame 55A4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_8e7044ff-a795-445b-9f5a-86c8ef7e9cf2&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=726ed447-99f2-412c-b05e-af3246a31eb6
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=726ed447-99f2-412c-b05e-af3246a31eb6
0
0
usersync
usersync.gumgum.com/ Frame 55A4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-93bc378b-df8f-46d7-64eb-bd3e933d7953$ip$116.90.74.196
0
0
usersync
usersync.gumgum.com/ Frame 55A4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_8e7044ff-a795-445b-9f5a-86c8ef7e9cf2&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=mnwKITnnwMYqdSjqabcF&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23LOO5FUSVDONZ3U2WLRMRJWU4LBMJRUM...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mnwKITnnwMYqdSjqabcF&us_privacy=1---
0
0
RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
sync.targeting.unrulymedia.com/csync/ Frame 55A4
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1668081593491
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=780831010
  • https://sync.1rx.io/usersync/tradedesk/86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
  • https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
0
0
usersync
usersync.gumgum.com/ Frame 55A4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=7lVctOWxxRJo&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=7lVctOWxxRJo&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=7lVctOWxxRJo&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-79d45ddf-j9mwp
expires
-1
syncUser
sync.outbrain.com/ Frame 55A4
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28oxKLqhFzJL7PUSEH9XCs3BkSlfOrsOR8-PdSPztg7Zi5JXcKxkN84Wad6_QoaP8Y%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_8e7044ff-a795-445b-9f5a-86c8ef7e9cf2&obuid=ENC(oxKLqhFzJL7PUSEH9XCs3BkSlfOrsOR8-PdSPztg7Zi5JXcKxkN84Wad6_QoaP8Y)
0
0
usersync
usersync.gumgum.com/ Frame 55A4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=d3f888f7-0c02-402f-966e-6bc2c97fb40b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=d3f888f7-0c02-402f-966e-6bc2c97fb40b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 10 Nov 2022 11:59:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=d3f888f7-0c02-402f-966e-6bc2c97fb40b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 55A4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-bw88tDxE2pfXAzA_UdsX9SmMR2qc_zyCqQfP~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-bw88tDxE2pfXAzA_UdsX9SmMR2qc_zyCqQfP~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 10 Nov 2022 11:59:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-bw88tDxE2pfXAzA_UdsX9SmMR2qc_zyCqQfP~A
content-length
0
usersync
usersync.gumgum.com/ Frame 55A4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=2e332aa3-4fdd-4524-b495-8998e0874392
0
0
services
sync.technoratimedia.com/ Frame 55A4 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.26.45 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:54 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
330374871
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 55A4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 55A4
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=e8122a17-f734-491b-9cbe-2b5f2c1523d8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=e8122a17-f734-491b-9cbe-2b5f2c1523d8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=e8122a17-f734-491b-9cbe-2b5f2c1523d8
access-control-allow-origin
*
date
Thu, 10 Nov 2022 11:59:54 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 55A4
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=81553157229072134
0
0
sync
ads.servenobid.com/ Frame 55A4 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_8e7044ff-a795-445b-9f5a-86c8ef7e9cf2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 58A5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92660
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 11:59:53 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 11 Nov 2022 13:44:13 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 13DE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 11:59:54 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Thu, 10 Nov 2022 11:59:53 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 76A8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 11:59:54 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 10 Nov 2022 11:59:53 GMT
Expires
Thu, 10 Nov 2022 11:59:52 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4629 97bee97 master hkg-pixel-x17 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame C382
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y2zntwAHCQ8i2QAO&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y2zntwAHCQ8i2QAO&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 11:59:54 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 10 Nov 2022 11:59:53 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y2zntwAHCQ8i2QAO&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11237-MEL
x-timer
S1668081593.453562,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 4F69 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84ZTcwNDRmZi1hNzk1LTQ0NWItOWY1YS04NmM4ZWY3ZTljZjI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 6652 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.238.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-238-86.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 10 Nov 2022 11:59:53 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 9F12
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y2znt8Co5ugAAP59RpwAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y2znt8Co5ugAAP59RpwAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 11:59:54 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 10 Nov 2022 11:59:53 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y2znt8Co5ugAAP59RpwAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
35
X-SO-HostName
a-ad40123.dc2p.scaleout.jp
X-SO-IP
116.90.74.196
X-SO-Key
Y2znt8Co5ugAAP59RpwAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":35,"gdpr":false,"ipv4":"116.90.74.196","key":"Y2znt8Co5ugAAP59RpwAAAAA","privacy_sensitive":false,"uid":"Y2znt8Co5ugAAP59RpwAAAAA","upstream_id":"a-ad40123"}
X-SO-LB-Hostname
a-tgng40017.dc2p.scaleout.jp
X-SO-UID
Y2znt8Co5ugAAP59RpwAAAAA
X-SO-Upstream-ID
a-ad40123
gumgum
cs.admanmedia.com/sync/ Frame FA00 		0
0
usersync
usersync.gumgum.com/ Frame 1B0A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y2zntpX8d22C7tHk7dTWjAAA%264894
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y2zntpX8d22C7tHk7dTWjAAA%264894
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 11:59:54 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
767e9fe6fceffb94-AKL
content-length
0
date
Thu, 10 Nov 2022 11:59:53 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y2zntpX8d22C7tHk7dTWjAAA%264894
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZF%2Bv3GcK0lKlBwvPitv5ViYeqxbPjUU7eTuo9GrRXcuGv9zzyx%2BQRthff1IgiBOimHBNhuqVj2OCURrs29r%2ByANUZJJlCoBbaNQT%2B5kTuheAbnm1%2FrjB3VhqATqtYy1njizpgl3y1Ke4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0DCA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=sh4mXtEJvgo169K6UtYw&pi=gumgum&tc=1
0
0
usync.html
eus.rubiconproject.com/ Frame 29A0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 11:59:53 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 11:59:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=1194&cid=1833622361.1668081588&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1668081588&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&dt=270%E8%90%AC%E5%8D%A1%E5%8F%8B%E6%B3%A8%E6%84%8F%EF%BC%81%E3%80%8C%E5%A5%BD%E5%B8%82%E5%A4%9A%E8%81%AF%E5%90%8D%E5%8D%A1%E3%80%8D%E7%A2%BA%E5%AE%9A%E6%8F%9B%E4%BA%BA%E7%99%BC%E3%80%80%E6%A5%AD%E8%80%85%E9%A6%96%E5%BA%A6%E7%99%BC%E8%81%B2%E4%BA%86%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame A95E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LAB0PIEF-1O-LQ4D
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAB0PIEF-1O-LQ4D
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAB0PIEF-1O-LQ4D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 11:59:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 11:59:54 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAB0PIEF-1O-LQ4D
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
ad-s.css
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		549 B
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ad-s.css
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCIG04tOdsY8e0IIaSvQSq1rrACtKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKCnxr7QrejPqgDAaoE2AFP0FKmk82LS20KF3dYjXTIBLjeY3lIwXT3M8BOrsWG-AO0mzukNik3dkuHV99gj1BBK5SGbZacKhBic6pNv0zIVHIfu9X8HXIPZhZ6_qIO0fJaElA_1sLA8lM53O49CeFlTqWxnVqyXH8xMDc0XBamAt-bMx6pYnpzLnm3sPZR_lqrvQ2cT1_9rhh4Ot4htpdBYf0XslOh_i-iuE0ZHVwmoQOWsEEqLu597Ru7trgVoXVqXaOGIUBoP5WSCtCOWooHD3UEBpnILnCmy2LddDZyMGuFV4uY0mfABM3vyeyGBOAEA5AGAaAGTYAHuP3U7AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBsBPb6fEQyBO3jKThA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw%26sig%3DAOD64_2x27y4DsoLGq2wE1AeDDaXNhby-Q%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CiNHTL3QoSfzinSV6EWjqbyQ4GKR_W45HH7Oeh0tSShWdYiFUfMufvYIrJF-i9VFAqQOJGUASJcd3hwpTG6vOeNsQr1HJwqkOGPgbcRKTIlIF3C0OXIvQJZMG_jN6gzVzt2Xbjj1RPSKCoBpiZn4oQ_JqYZ5E34VlgI4cKPnmkGPLySMw%26cry%3D1%26dbm_d%3DAKAmf-D2TXzJdoXyRK3vfjX4AMseO5662jf53wI3j5RekBt95xOC9haZqiRX5GkecuyeimU45_dYKmb1EwbUce4PvF_U_j1FR_VwyNnj4s-FUlkx_dGMdRip5lF3VWksSK_e1xvFvlgfbrWVRiE4GhFu1Rkgnt_dY9jhFrXJZU_Fd4IJQSaUK5WBqscbMY-xYCqBZCEO_vUs1YPEVaUQw-_2LhYGNvUTsdFEO04UarLIZZu9oMRMqqSMwQyVIeXQHUo0gOhtOiY1hi1eyqT4m1nJV5Q-eIbwfsIpzXMmwLctCMgIwGcN7naX_N0IqiTUAx4Zf7igyWg1o9ikI0_LjHhwa7kX4Wm7JBZOPXOYX1ypsdXgL2ZxrD4wmZV6PyWQ0AJ85ehRHiEL5BSEEyNQ9IebF8RM-RO2hvuhtOnEAZqIlv_JAf7YQcTMojrmDEVmmrKG6zJ5Btqq-WWuI7yLDZ73Rr_Ewo86yYTv0kKy6SA2KYG5i4qGibie-_NFvTDFwe-1lsqAtJJt4_r7b5cjXOrMZJFF-Sjh5rdU6K3ksf0jyCdZmoU4fudTSchS0bbXoYl3is8R8o5cH2lubOZFyV1pf-cSF9-nkSHLVglnB3WAEaQF5M7bAIrtzHK_Zt1cyGwmOGNHO8A8DHzVUtLM3AZf91f88cdsm6VEISykof2qSdBZfpe4hxs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1668081588531015
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
3affb7138a23846fc1abd98ec56528e801dc9967fa0a9115c5ed4d80aa511183

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:25 GMT
Server
AmazonS3
x-amz-request-id
SR1SCZZAP5Z2MSQX
ETag
"fff088d095049a532e08414ffbf79c8b"
x-amz-meta-info
inline html5 ForScript
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
222
x-amz-id-2
/LWs7m7s04BX6uZdsHjm3IWWuZ/iTZ6dJ8y6NgzNoo5bkSwAthwLhT5fISsYBaljgpt55bpMIxI=
hype_generated_script.js
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/hype_generated_script.js?497
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCIG04tOdsY8e0IIaSvQSq1rrACtKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKCnxr7QrejPqgDAaoE2AFP0FKmk82LS20KF3dYjXTIBLjeY3lIwXT3M8BOrsWG-AO0mzukNik3dkuHV99gj1BBK5SGbZacKhBic6pNv0zIVHIfu9X8HXIPZhZ6_qIO0fJaElA_1sLA8lM53O49CeFlTqWxnVqyXH8xMDc0XBamAt-bMx6pYnpzLnm3sPZR_lqrvQ2cT1_9rhh4Ot4htpdBYf0XslOh_i-iuE0ZHVwmoQOWsEEqLu597Ru7trgVoXVqXaOGIUBoP5WSCtCOWooHD3UEBpnILnCmy2LddDZyMGuFV4uY0mfABM3vyeyGBOAEA5AGAaAGTYAHuP3U7AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDmAsByAsBgAwBsBPb6fEQyBO3jKThA9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9HNW44CzpZTSqc_TntLnjq-M8IJg28VUFMDTzFyiEZCqo2HtbinccDZfqKvYjco_ORxjmODjLGAEgEw%26sig%3DAOD64_2x27y4DsoLGq2wE1AeDDaXNhby-Q%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CiNHTL3QoSfzinSV6EWjqbyQ4GKR_W45HH7Oeh0tSShWdYiFUfMufvYIrJF-i9VFAqQOJGUASJcd3hwpTG6vOeNsQr1HJwqkOGPgbcRKTIlIF3C0OXIvQJZMG_jN6gzVzt2Xbjj1RPSKCoBpiZn4oQ_JqYZ5E34VlgI4cKPnmkGPLySMw%26cry%3D1%26dbm_d%3DAKAmf-D2TXzJdoXyRK3vfjX4AMseO5662jf53wI3j5RekBt95xOC9haZqiRX5GkecuyeimU45_dYKmb1EwbUce4PvF_U_j1FR_VwyNnj4s-FUlkx_dGMdRip5lF3VWksSK_e1xvFvlgfbrWVRiE4GhFu1Rkgnt_dY9jhFrXJZU_Fd4IJQSaUK5WBqscbMY-xYCqBZCEO_vUs1YPEVaUQw-_2LhYGNvUTsdFEO04UarLIZZu9oMRMqqSMwQyVIeXQHUo0gOhtOiY1hi1eyqT4m1nJV5Q-eIbwfsIpzXMmwLctCMgIwGcN7naX_N0IqiTUAx4Zf7igyWg1o9ikI0_LjHhwa7kX4Wm7JBZOPXOYX1ypsdXgL2ZxrD4wmZV6PyWQ0AJ85ehRHiEL5BSEEyNQ9IebF8RM-RO2hvuhtOnEAZqIlv_JAf7YQcTMojrmDEVmmrKG6zJ5Btqq-WWuI7yLDZ73Rr_Ewo86yYTv0kKy6SA2KYG5i4qGibie-_NFvTDFwe-1lsqAtJJt4_r7b5cjXOrMZJFF-Sjh5rdU6K3ksf0jyCdZmoU4fudTSchS0bbXoYl3is8R8o5cH2lubOZFyV1pf-cSF9-nkSHLVglnB3WAEaQF5M7bAIrtzHK_Zt1cyGwmOGNHO8A8DHzVUtLM3AZf91f88cdsm6VEISykof2qSdBZfpe4hxs%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1668081588531015
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c156e2771927ce196034439e75f43effeb52ad6875d40bd12daf6f8124a8d445

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:25 GMT
Server
AmazonS3
x-amz-request-id
SR1RN0W895JWQ7MJ
ETag
"3d9647ddaddf09c9cf8fe85132809967"
x-amz-meta-info
main HYPE file
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
7156
x-amz-id-2
kp7wLNqLNpt3k2fipn2rOaxk670Qcu0hrR269CovNL7+iwMOej+3YmMA8IsxNHxXTX4Ksd2lOOE=
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 0706 		0
0
match
c1.adform.net/serving/cookie/ Frame D111 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 10 Nov 2022 11:59:53 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
ImgSync
image8.pubmatic.com/AdServer/ Frame B791
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9fec636c-e7b6-4900-95eb-292c64b1d1d7&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 10 Nov 2022 11:59:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 10 Nov 2022 11:59:54 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame DB86
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2zntwAHCQ8i2QAO&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 10 Nov 2022 11:59:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 10 Nov 2022 11:59:54 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 0991
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xrgnv70ycuo
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
/
onetag-sys.com/match/ Frame F66A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CmmJhFlt3dQRPtzTWW2ShgVi3IQROYjeWTyobY4X
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
0
0
/
onetag-sys.com/match/ Frame 3111
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5268817596216608719&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
0
0
usersync.aspx
dis.criteo.com/dis/ Frame A80A 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:53 GMT
expires
Thu, 10 Nov 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
433135
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9187
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3s9OYmxLQyt3HO7y9fI7qnRaSsQ
42 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3s9OYmxLQyt3HO7y9fI7qnRaSsQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 10 Nov 2022 11:59:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 10 Nov 2022 11:59:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3s9OYmxLQyt3HO7y9fI7qnRaSsQ
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 1B5F 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 10 Nov 2022 11:59:54 GMT
Pragma
no-cache
Server
nginx
expires
-1
/
onetag-sys.com/match/ Frame 7DD9
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Smy2IJSrDWOUslVos-dsYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 7E1F
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=5cd34a27133544ca83df1e7ff01312d1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 10 Nov 2022 11:59:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 10 Nov 2022 11:59:54 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame D942 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 10 Nov 2022 11:59:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pxd
dps.jp.cinarra.com/ Frame 77FE 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.204.37 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Thu, 10 Nov 2022 11:59:54 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame D8E7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:S4TmoWoO1OT6dP5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 10 Nov 2022 11:59:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 10 Nov 2022 11:59:54 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
bridge
cm.adgrx.com/ Frame 3DEC 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.207.233 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Thu, 10 Nov 2022 11:59:54 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1a-delivery-1
RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
sync.targeting.unrulymedia.com/csync/ Frame B6F0
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7824538253
  • https://sync.1rx.io/usersync/tradedesk/86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
  • https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
0
0
i.match
a.tribalfusion.com/ Frame 7895 		43 B
672 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
767e9feadcd2eeaa-AKL
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 10 Nov 2022 11:59:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
cookiesync
core.iprom.net/ Frame F067 		0
0
/
csync.loopme.me/ Frame C69A 		0
0
cksync.php
contextual.media.net/ Frame 055D 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3110831917443676000V10&type=pba&refUrl=&vid=80815922343110831917443676000V10&ovsid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Thu, 10 Nov 2022 11:59:54 GMT
expires
Thu, 10 Nov 2022 11:59:54 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C38E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kODejRB9SwOj7oqZge9-vw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:54 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=92659
accept-ranges
bytes
content-length
5549
expires
Fri, 11 Nov 2022 13:44:13 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C38E
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
  • https://pippio.com/api/sync?pid=5324&it=1&iv=cd504a75403f5e99a88e793416ab09c0cb6d316e88876dd14717b1eab8d5f114791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBjZDUwNGE3NTQwM2Y1ZTk5YTg4ZTc5MzQxNmFiMDljMGNiNmQzMTZlODg4NzZkZDE0NzE3YjFlYWI4ZDVmMTE0NzkxNDI2YjU...
0
0
SPug
image4.pubmatic.com/AdServer/ Frame C38E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9fec636c-e7b6-4900-95eb-292c64b1d1d7
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9fec636c-e7b6-4900-95eb-292c64b1d1d7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 10 Nov 2022 11:59:53 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9fec636c-e7b6-4900-95eb-292c64b1d1d7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 11:59:52 GMT
/
onetag-sys.com/match/ Frame C38E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTBFMERFOEQtMTA3RC00QjAzLUEzRUUtOEE5OTgxRUY3RUJG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
0
0
/
onetag-sys.com/match/ Frame C38E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKwxadLwJAZi2nWX8yNhpjA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
0
0
/
onetag-sys.com/match/ Frame C38E
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:92A6B737A16741888CE33D46A33B58A8
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
0
0
90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C38E 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.186.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-186-111.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ImgSync
image8.pubmatic.com/AdServer/ Frame C38E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:54 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 10 Nov 2022 11:59:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame C38E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4307815592895647751
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:54 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 10 Nov 2022 11:59:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
x.bidswitch.net/ Frame C38E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d5fd2c13-9351-405b-a8d8-4842d40520de&ssp=pubmatic
0
0
SPug
image4.pubmatic.com/AdServer/ Frame C38E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Xj5U93NE2uXGbE.qwBUBKKsxmgCQKkw-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Xj5U93NE2uXGbE.qwBUBKKsxmgCQKkw-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Xj5U93NE2uXGbE.qwBUBKKsxmgCQKkw-~A&gdpr=0&gdpr_consent=
date
Thu, 10 Nov 2022 11:59:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ImgSync
image8.pubmatic.com/AdServer/ Frame C38E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3086834813664652045&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:18 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 10 Nov 2022 11:59:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame C38E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5268817596216608719
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame C38E
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=157887a089322062&is_secure=true&networkId=17100&version=1&nuid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF&gdpr=0&gdpr_consent=
0
0
d1ba4609
rtb.gumgum.com/getuid/ Frame C38E 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dpba%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.244.105 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-244-105.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 11:59:53 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
usync.js
eus.rubiconproject.com/ Frame 29A0 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9c04ce2b767d6acaca434f12b6d6486c4339fd21e3c5c883ad83ff2bf2246372

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 03:23:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55428
Connection
keep-alive
Content-Length
9884
Expires
Fri, 11 Nov 2022 03:23:42 GMT
HYPE-740.thin.min.js
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		56 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/HYPE-740.thin.min.js
Requested by
Host: s3-ap-southeast-2.amazonaws.com
URL: https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/hype_generated_script.js?497
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
1b672d771ea2e2d6cf15df45fa4978c98d571b4521e5ebedb7b060e65577c127

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:25 GMT
Server
AmazonS3
x-amz-request-id
EHNBKFH7BNT81AGP
ETag
"9e7db1868051997b3db193c0cefceb81"
x-amz-meta-info
HYPE file
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
24698
x-amz-id-2
FYJHaka4SPNQBpX6aUeztpv97FGrL+6VSDNJGekO3+xbrleMTv9vBBurs0TCQTV0OHc3JvRwAJc=
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2134 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
79467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 13:55:27 GMT
expires
Thu, 09 Nov 2023 13:55:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7026 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
GSE /
Resource Hash
dee1d66ca0d1c8bd758668a8ca82fd9e98d10eefcd1f3f10e0336725cab41375
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D-a16iv-NIvvhseWoABzYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-D-a16iv-NIvvhseWoABzYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:54 GMT
expires
Thu, 10 Nov 2022 11:59:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB1E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
79467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 13:55:27 GMT
expires
Thu, 09 Nov 2023 13:55:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 52CE 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
GSE /
Resource Hash
6f123aa53cf5ce3f5b2775d908132ea60d7dc3de3cf16cb11e1c7be27e37aa0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4bmDqw0-AiSg13yj14Ne7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-4bmDqw0-AiSg13yj14Ne7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 11:59:54 GMT
expires
Thu, 10 Nov 2022 11:59:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usersync
usersync.gumgum.com/ Frame 29A0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LAB0PIEF-1O-LQ4D
  • https://usersync.gumgum.com/usersync?b=mag&i=LAB0PIEF-1O-LQ4D
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LAB0PIEF-1O-LQ4D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 11:59:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LAB0PIEF-1O-LQ4D
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
css
fonts.googleapis.com/ Frame 416C 		986 B
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Alkalami&subset=latin
Requested by
Host: s3-ap-southeast-2.amazonaws.com
URL: https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/HYPE-740.thin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
f3ebfd3bcea84282729c9026fc76647b7bd47fe90e58732e1a4404e4b3f7d2b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 11:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 11:59:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Nov 2022 11:59:54 GMT
van_welkam_logo.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		77 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/van_welkam_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c44d01dcc4b5ec2d67d2a22a65507a24f24b2c95efa5fb3bd370dace12515d69

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:25 GMT
Server
AmazonS3
x-amz-request-id
EHNEMSK8EPFY0NY7
ETag
"96759fdcbaf3c91daf647466f0c91cc3"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
22006
x-amz-id-2
tA+2DuEyEn4SJtYapJt42fx2d5zBA53YKh3lRpnDpemssbodn9d+yIUkq+UvlWU/byxG1fwVHVU=
Experience%20BTN.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/Experience%20BTN.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
3eff40b5baa173579a18a83e983bc913aa99df9cdde0df72849e6c9309c5ab88

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:24 GMT
Server
AmazonS3
x-amz-request-id
EHNF7AA9NHRFCC9H
ETag
"6e9e34eefd6a9eb35a7a4da3a5372ccc"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2534
x-amz-id-2
sftHSHZA0hcdPIjapUsHgRhbFj+iZvqhIsZjPx1ZFKgxbhWunisRBlk3i4mdsE55m9vzy0DgVOI=
Youre%20invited.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		206 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/Youre%20invited.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
682ffa5a005176cfbe0c4e5e062b7d9aa5e406c4031e289a4c220d1c00211642

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:25 GMT
Server
AmazonS3
x-amz-request-id
EHNB61GQQ0A97EWZ
ETag
"e9a3e2a0f2f489ba28339460153e64f5"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
34234
x-amz-id-2
Wt/BF+MIU1uG+KzxiPETRevrGy6xsLpL4DZDzSbEpr6f16CepJo+I9zxudGhekhIJszi+DR/tEw=
Arrow_1.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		473 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/Arrow_1.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
be524e23870aef024868b813321f41497da19f0eac18c195fa22865f5027c555

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:24 GMT
Server
AmazonS3
x-amz-request-id
EHN179G9ATHEND31
ETag
"7eba75f19981f3d2ddf658dcc42973d1"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
337
x-amz-id-2
FzghGWyGAMrdqQ1c1dTMP5fYvipb9vf1u78baIf3KouZxs+qvGr97gYPI/BAQNofvMt/JbGxkV4=
sodar
pagead2.googlesyndication.com/pagead/ Frame 52CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=2164425293010798&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 7026 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=3833204497333993&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 2134 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 14:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 14:43:55 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame CB1E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 14:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 14:43:55 GMT
van_welkam_logo.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		77 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/van_welkam_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c44d01dcc4b5ec2d67d2a22a65507a24f24b2c95efa5fb3bd370dace12515d69

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:25 GMT
Server
AmazonS3
x-amz-request-id
EHN4JZE8GQYFHBAR
ETag
"96759fdcbaf3c91daf647466f0c91cc3"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
22006
x-amz-id-2
XZHhzdtxXoQ1zGrTrKIk1e1Xr8Jq08IgxsRU+eV6qQlJJSL1AXeMbuLxZeKVGBpbjOzBgroDZ/o=
300x250-bungalow.jpg
s3-ap-southeast-2.amazonaws.com/adtrek/d2653d59-0488-404e-a515-ea99c7e389c3/bc6ba6f0-d4ea-40c9-a9a3-83601911d4aa/ Frame 416C 		38 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/d2653d59-0488-404e-a515-ea99c7e389c3/bc6ba6f0-d4ea-40c9-a9a3-83601911d4aa/300x250-bungalow.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:41:44 GMT
Server
AmazonS3
x-amz-request-id
EHN4N6NN0RYJKYMP
ETag
"1fdc20431768782ff88a0325f5e57ea1"
x-amz-meta-info
feed-image
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
78919
x-amz-id-2
mSDiL3HxEgEOq4SS09gUF4PDE915rQJzKA+Y6v5irUVZ3AXGInyoJWa3LN3YkZb8I85Y0eapnxM=
Experience%20BTN.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/Experience%20BTN.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
3eff40b5baa173579a18a83e983bc913aa99df9cdde0df72849e6c9309c5ab88

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:24 GMT
Server
AmazonS3
x-amz-request-id
EHNEND43MBQBE8NY
ETag
"6e9e34eefd6a9eb35a7a4da3a5372ccc"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2534
x-amz-id-2
PiBUrg8KCVHquQxHEB06xPL4g3THF6/OhjWxCntUOr//0IcJ9DgvSuqH8sxp49dM8HIIGgUkvc4=
truncated
/ Frame 416C 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Youre%20invited.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		83 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/Youre%20invited.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.129.116 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:25 GMT
Server
AmazonS3
x-amz-request-id
EHN5EMYDG6E995G7
ETag
"e9a3e2a0f2f489ba28339460153e64f5"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
34234
x-amz-id-2
ejixE/AJuiz22Fyc1cqmYc6x1VV1CN9TpK/AbDMgpENokZ36UoJjCACMgaEK+xu8ZCdLu2NC90M=
300x250-cave.jpg
s3-ap-southeast-2.amazonaws.com/adtrek/d2653d59-0488-404e-a515-ea99c7e389c3/10466870-7186-4c07-bcd2-f264ffcfd3d8/ Frame 416C 		0
0
Arrow_1.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame 416C 		0
0
Aleo-Regular.ttf
www.adtrek.co/content/webkits/Aleo/ Frame 416C 		17 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.adtrek.co/content/webkits/Aleo/Aleo-Regular.ttf
Requested by
Host: s3-ap-southeast-2.amazonaws.com
URL: https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ad-s.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.237.117.95 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-237-117-95.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer
https://s3-ap-southeast-2.amazonaws.com/
Origin
https://www.adtrek.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 11:59:50 GMT
Last-Modified
Wed, 21 Sep 2022 10:49:02 GMT
Server
Microsoft-IIS/8.5
ETag
"023dec2a7cdd81:0"
X-Powered-By
ASP.NET
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93380
AcrylicHandSans-Regular.ttf
www.adtrek.co/content/webkits/AcrylicHandSans/ Frame 416C 		0
0
AstLd
www.adtrek.co/adserver/ Frame 416C 		0
0
generate_204
tpc.googlesyndication.com/ Frame 2134 		0
0
generate_204
tpc.googlesyndication.com/ Frame CB1E 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=M3T2fVLYPT3xfyum3JlZ
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dr1%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DRX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
Domain
aa.agkn.com
URL
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522238326756569765&ssp=medianet&gdpr=0&gdpr_consent=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKRKFWDK2RYKBBTSRBSKFDFQQ3LMZYGU4JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DAOBRGU4TEMRTGQZTCMJQHAZTCOJRG42DIMZWG43DAMBQKYYTAJTWONUWIPJTGEYTAOBTGE4TCNZUGQZTMNZWGAYDAVRRGA
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-Mc76GyKTgOjOYtNPtiblA&rk=usync-other
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110831917443676000V10%26type%3Dr1%26refUrl%3D%26vid%3D80815922343110831917443676000V10%26ovsid%3DRX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/1/22053?gdpr=0&gdpr_consent=&us_privacy=&A=22d39604-5410-4628-b3e4-bafb6793a5fd&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nRUdPQUU9JmJ1eWVydWlkPQ%3D%3D&uid=Y2zntpX8d22C7tHk7dTWjAAA%264894
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Domain
sync.teads.tv
URL
https://sync.teads.tv/um?eid=20&uid=726ed447-99f2-412c-b05e-af3246a31eb6&gdpr=&gdpr_consent=&us_privacy=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5JFNFMYJSGN3GQNSFMYZFE5KQIFIWGT3K
Domain
pool.admedo.com
URL
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=726ed447-99f2-412c-b05e-af3246a31eb6
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sta&i=0-93bc378b-df8f-46d7-64eb-bd3e933d7953$ip$116.90.74.196
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mnwKITnnwMYqdSjqabcF&us_privacy=1---
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_8e7044ff-a795-445b-9f5a-86c8ef7e9cf2&obuid=ENC(oxKLqhFzJL7PUSEH9XCs3BkSlfOrsOR8-PdSPztg7Zi5JXcKxkN84Wad6_QoaP8Y)
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=vnt&i=2e332aa3-4fdd-4524-b495-8998e0874392
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sad&i=81553157229072134
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=rth&i=sh4mXtEJvgo169K6UtYw&pi=gumgum&tc=1
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LAB0PIEF-1O-LQ4D
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBjZDUwNGE3NTQwM2Y1ZTk5YTg4ZTc5MzQxNmFiMDljMGNiNmQzMTZlODg4NzZkZDE0NzE3YjFlYWI4ZDVmMTE0NzkxNDI2YjU0MTdkY2UyMRAAGgwIus-zmwYSBAgCEABCAEoA
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d5fd2c13-9351-405b-a8d8-4842d40520de&ssp=pubmatic
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=157887a089322062&is_secure=true&networkId=17100&version=1&nuid=90E0DE8D-107D-4B03-A3EE-8A9981EF7EBF&gdpr=0&gdpr_consent=
Domain
s3-ap-southeast-2.amazonaws.com
URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/d2653d59-0488-404e-a515-ea99c7e389c3/10466870-7186-4c07-bcd2-f264ffcfd3d8/300x250-cave.jpg
Domain
s3-ap-southeast-2.amazonaws.com
URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/Arrow_1.svg
Domain
www.adtrek.co
URL
https://www.adtrek.co/content/webkits/AcrylicHandSans/AcrylicHandSans-Regular.ttf
Domain
www.adtrek.co
URL
https://www.adtrek.co/adserver/AstLd?cc=32c8794c-79f1-49bb-a03f-85569be09a9f
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?flUZJA
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?R8RRDA

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover object| ucf object| request string| paramsString function| setImmediate function| clearImmediate number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| $ undefined| jQuery function| jqAlias string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries undefined| google_measure_js_timing object| _qevents object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| criteo_syncframe_state boolean| descriptionPage function| quantserve function| __qc object| ezt object| _qoptions object| dataLayer function| gtag object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

130 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQmcuki8YwCgoIgQIQmcuki8YwCgoI4gEQmcuki8YwCgoI5gEQmcuki8YwCgoIhwIQmcuki8YwCgkICRCZy6SLxjAKCQg6EJnLpIvGMAoKCIwCEJnLpIvGMAoJCF8Qmcuki8YwCgkIHxCZy6SLxjA=
.aralego.com/ Name: sspid
Value: 70e82f2e-4c30-3e86-8bdd-5a51bf474921
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: b492577e-3f76-4c6a-af70-8e591da75e20
www.bg3.co/ Name: CFFPCKUUID
Value: 9750-ROQS9ww2tOvxh1bjqzgPUfC6uUJaxiQa
.www.bg3.co/ Name: CFFPCKUUIDMAIN
Value: 3016-y7NCkBQ2izDZ09Gy2eRsnPWqDI5wIyPR
.hinet.net/ Name: uuid
Value: e19a34cd-4cdd-4d91-822a-d2499a5b1a8b
.adpushup.com/ Name: ap_uid
Value: 2ad16690-60ef-11ed-b043-000d3aa2a065
.adpushup.com/ Name: ap_usid
Value: 2ad16691-60ef-11ed-b043-000d3aa2a065
.holmesmind.com/ Name: Vision
Value: 20221110-23:59,20221110-22,20221110-22,20221110-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 159090-9cSrv90qcfhDmJ24WQt6K1II5P1hHRYR
.bg3.co/ Name: __htid
Value: e19a34cd-4cdd-4d91-822a-d2499a5b1a8b
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: f76913de-8d90-478e-abc3-b3c7650886b0
.bg3.co/ Name: _ht_50ef57
Value: 1
.bg3.co/ Name: _ht_em
Value: 1
.openx.net/ Name: i
Value: f76913de-8d90-478e-abc3-b3c7650886b0|1668081586
.omnitagjs.com/ Name: ayl_visitor
Value: 13e2a47a51be2e9f04d9fa886fe826ef
.c.appier.net/ Name: _auid
Value: Smy2IJSrDWOUslVos-dsYw
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEws8-zmwY4AUABSAEQs8-zmwYYAA..
.adnxs.com/ Name: uuid2
Value: 5268817596216608719
.teads.tv/ Name: tt_viewer
Value: b2407e7b-9be6-433f-be22-9bc10c29526b
.rubiconproject.com/ Name: khaos
Value: LAB0PIEF-1O-LQ4D
.quantserve.com/ Name: mc
Value: 636ce7b3-dc4e7-a98cc-c79ef
.bg3.co/ Name: __qca
Value: P0-2017867598-1668081587049
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1668081588.1.0.1668081588.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1833622361.1668081588
.bg3.co/ Name: __gads
Value: ID=018031f5efb03d6d-226d945837d8008a:T=1668081589:RT=1668081589:S=ALNI_Mbq3XyMDF2T_bpFPTA4fQtlVjq1KQ
.bg3.co/ Name: __gpi
Value: UID=00000b792731ec51:T=1668081589:RT=1668081589:S=ALNI_MagRqvGPN7okkGNT_4WO11PXUTR_Q
.doubleclick.net/ Name: IDE
Value: AHWqTUkk5EQclHA1ZbIeie6oXGIBhajEClldk_YBqf1XykxUJ8O9LK2HVmPF3GKXvtk
.blismedia.com/ Name: b
Value: 636CE7B67376129662DB6825BLIS
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yahoo.com/ Name: A3
Value: d=AQABBLbnbGMCEMhWhklTNZnap0wyuZXFmxQFEgEBAQE5bmN2YwAAAAAA_eMAAA&S=AQAAAmmMlzKYrvAGC-VZuNvp5Ac
.sharethrough.com/ Name: stx_user_id
Value: 3fa08710-ff3a-4fce-86f2-34b575a98113
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Ilcm]gWL!]tbPl1M>e)ZlrFUfJ+tGXxoeWzabWX>abhZf^By:%wB6Xp4$nX^W$0VvO)!3If)y3KL9D3I?+KQ('LA
.dap.fw-ad.jp/ Name: user
Value: 24464bce-7305-39a9-b997-9ba43946e8b7
.dap.fw-ad.jp/ Name: gcm_usec
Value: 1668081590765000
.bidswitch.net/ Name: tuuid
Value: 726ed447-99f2-412c-b05e-af3246a31eb6
.bidswitch.net/ Name: c
Value: 1668081590
.mathtag.com/ Name: uuid
Value: 9fec636c-e7b6-4900-95eb-292c64b1d1d7
.mathtag.com/ Name: mt_mop
Value: 4:1668081590
fksnk.com/ Name: AWSALBCORS
Value: VbHsdPu19R4zS9Ju3AGh4aUzYLGW77/QHEdE7rsgTvnaviOrqudM7C+5abKO+s83Owc0Ky2Hy0f7zkp0Q3cZ5REmE37nIEl9FIZMvpCRA2RnHjBYk4ea/qaJqwOR
.fksnk.com/ Name: f_001
Value: 8A464E90DD489900
.fksnk.com/ Name: g_001
Value: 1
.casalemedia.com/ Name: CMPS
Value: 4894
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: 92A6B737A16741888CE33D46A33B58A8
.media.net/ Name: visitor-id
Value: 3110831917443676000V10
.media.net/ Name: data-g
Value: CAESEIXo9g2Zut3TPDIIhBiZD90~~3
.tribalfusion.com/ Name: ANON_ID
Value: aIntmIqkaHbBykt9ZbxaPSZboZbrNZdfwGxZd0JYq0iEGoAlgfHWsera7U45We0mMaAhvmtXGXQQtuG4TqA1m3e3HZaaFi
.yieldmo.com/ Name: yieldmo_id
Value: g1021530ccc7199b617f%7C1668081591246%7C0%7C
.adform.net/ Name: uid
Value: 4307815592895647751
.socdm.com/ Name: SOC
Value: Y2znt8Co5ugAAP59RpwAAAAA
.fout.jp/ Name: uid
Value: Q-qMhpspQpHWoEr6WLp7-pAq4qk
.bidswitch.net/ Name: tuuid_lu
Value: 1668081591
.bidswitch.net/ Name: google_push
Value: ASkJ3FbX_jCa5lqR-GVqm8ZS7gdL54bKelVCdWjNSZrfg33wDY3U_IiXQAlZ--RiWMnJrS2HSq5fBybTTDGkvKCcrHzsWsXU1UoCvBfCvG0ISxb9MiOi0nlZ3j79bQR7QABn3Mw61OEaFU6F
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y2zntwAHCQ8i2QAO
.casalemedia.com/ Name: CMID
Value: Y2zntpX8d22C7tHk7dTWjAAA
.casalemedia.com/ Name: CMPRO
Value: 4894
.openx.net/ Name: pd
Value: v2|1668081591|jElYiuvOiahI
.uncn.jp/ Name: t
Value: v_c25aabd3-e26a-4a2c-9c72-dc82d03a42b7
.r-ad.ne.jp/ Name: r_ad_token
Value: 51OBxp00mBDGa007Uvun
.adsrvr.org/ Name: TDID
Value: 86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%227f725c4d-c972-4dea-8c5e-bc72727f2432%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-10T11%3A59%3A51%22%7D
.3lift.com/ Name: tluid
Value: 3941776572197187509489
.openx.net/ Name: univ_id
Value: 537072971|86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d|1668081592052684
.ladsp.com/ Name: cr
Value: 1
.bing.com/ Name: MUID
Value: 0BFD7317935B65F80509614F92696485
.c.bing.com/ Name: MR
Value: 0
.turn.com/ Name: uid
Value: 3086834813664652045
.linkedin.com/ Name: li_sugr
Value: a3d9308c-d702-430f-bccc-da6abfdd182b
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&82f87a87-9cd3-4e41-850c-9aae66946649"
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2372:u=1:x=1:i=1668081592:t=1668167992:v=2:sig=AQGvp_ww0XGnePA8ZW1T0ShXid3ovKiS"
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY2ODA4MTU5Mn0
.media.net/ Name: data-ttd
Value: 86ba788d-2e70-4b2d-a2b9-0863bf0e6a4d~~1
.ladsp.com/ Name: smn_uid
Value: ZRMlcGdFekFw0elmiPnU-A7--kBN0Mg
.ladsp.com/ Name: lum
Value: COjRpIvGMBIFCAMQ0AU
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.bg3.co/ Name: cto_bundle
Value: vlKxOF9oTW0lMkY4cDh0UmlVNktqZzI5NHQwYjJIVUs5aGJCR2QyTUZWSU4yeG9uSzVUbkFwN2dkUm1UV0tlYnhSdzZ1TE5kSSUyQlVHdkRBZ1lBMnIzVzklMkJqbVlQWnl2RzQ5UHVueVJTZzA1bzZMRDNXbyUzRA
.bg3.co/ Name: cto_bidid
Value: txaTzl91dFQzMW5Dd1dHZndkV08zQTZXcW1qdXZJM2MlMkJyQWt6QTlHbSUyQkVndFJEcG9FQmVJemU4TSUyQlVvM3BaRko0ZXNUNWNrJTJCTE1UeTR0bVlkdHYyZSUyRkpvWkElM0QlM0Q
.media.net/ Name: data-mm
Value: 9fec636c-e7b6-4900-95eb-292c64b1d1d7~~8
.media.net/ Name: data-a
Value: 5268817596216608719~~8
.media.net/ Name: data-o
Value: ece94518-8f17-4299-925a-0541b3c02791~~8
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: 22d39604-5410-4628-b3e4-bafb6793a5fd
.prebid.a-mo.net/ Name: sd_amuid2
Value: 22d39604-5410-4628-b3e4-bafb6793a5fd
.onetag-sys.com/ Name: OTP
Value: zsqQdgl_mdZeUD76_aPH-BVLBHFd7pYzsM0ipUWMmNg
.ads.pubmatic.com/ Name: KCCH
Value: YES
.id5-sync.com/ Name: id5
Value: e999f4d5-fa49-43e7-bbb0-5deba07db5fa#1668081592530#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.w55c.net/ Name: wfivefivec
Value: S4TmoWoO1OT6dP5
.mookie1.com/ Name: id
Value: 10522238326756569765
.mookie1.com/ Name: mdata
Value: 1|10522238326756569765|1668081593090
.mookie1.com/ Name: ov
Value: 30863d497dbc42c51734b1dc485ade80
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.analytics.yahoo.com/ Name: IDSYNC
Value: "198o~287n:194o~287n"
.servenobid.com/ Name: pid_337
Value: y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
.servenobid.com/ Name: pid_339
Value: y-E7dFAwNE2uFFxx5Kp2MqS9KvZfGrXG6zkSIUWT4-~A
.servenobid.com/ Name: pid_333
Value: Y2zntpX8d22C7tHk7dTWjAAAEx4AAAAB
.smartadserver.com/ Name: pid
Value: 81553157229072134
.adsymptotic.com/ Name: U
Value: 044854d6e64ba43ed3d2455940739e4e
.gumgum.com/ Name: vst
Value: a_8e7044ff-a795-445b-9f5a-86c8ef7e9cf2
.rlcdn.com/ Name: rlas3
Value: MXfsqz6saDXIrZIE/QVqftS4NjxNnSegw5lwFr8qgew=
.rlcdn.com/ Name: pxrc
Value: CAA=
.servenobid.com/ Name: pid_312
Value: 5268817596216608719
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f15b192a-1fae-4246-9349-f0bfd64d658f-004%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.servenobid.com/ Name: pid_318
Value: eaQbPb9yXdK4JcpZRPbBxLhCRzf1x5MW5uP0wW42AVs
.w55c.net/ Name: matchmedianet
Value: 5
.sportradarserving.com/ Name: zuuid
Value: d5fd2c13-9351-405b-a8d8-4842d40520de
.sportradarserving.com/ Name: c
Value: 1668081593
.sportradarserving.com/ Name: zuuid_lu
Value: 1668081593
.pubmatic.com/ Name: SyncRTB3
Value: 1669248000%3A220
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID^1^0
.pubmatic.com/ Name: pi
Value: 159706:2
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1B89A3D1-F4D8-4780-9FEB-D553251B6848
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.lijit.com/ Name: ljt_reader
Value: FoLPERZHj52U3WTTTNanIO2H
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCNrRyLijx6E7EAUSFQoGY2FzYWxlEgsI3IzlvKPHoTsQBRIWCgdydWJpY29uEgsItpm_v6PHoTsQBRgBIAEoAjILCMrCtPS5x6E7EAU4AVoGZ3VtZ3VtYAI.
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKfnW78mn9HpnXrd8oPN4aCe4QFZsXH9fayfrhxjexcAitzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.quantserve.com/ Name: d
Value: EEEBEwHFJ7jvsQz7sQA
.amazon-adsystem.com/ Name: ad-id
Value: A_bEgUC-H0nKsj4mqGN_wcc|t

22 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/50b5e9ed53fe23d53d20754a141d8986.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/98133df26070e5ac3de866674c620413.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/17b6af381326850d4e6c8dfd55ed2424.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/b3a56a0b9269b847f35d2d92cbe62651.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/4e1141951e6b15fd167a99eb3d56153a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/3b6e525b788406b1a1871637f0640459.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a50a6e93c3e7e522b8c304c8b36c79d2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/34faec0f7c7deb3fdb5d7b9f6cdb98a7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/e993dbd1e8669aab0f48e752c78084d3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/e2d94e1a37c3cabbdd966ce2cce3c33a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a028490a79d92d01b8f584b1df0dbbc5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/620e77af52328fe2c2d3c3d6650b4e53.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a796f194bcdbb6c7f6878bd0c5fc78bb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/ff8be0fc1a61f7171e6b87cd15e37f6a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/b1e72afec2eea3bf8449208005d1d184.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/0e43d0838afb8375335f0e0fb5e6e25d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.adpushup.com/42753/L2EvMjcwbW8tcWlhLXlvdS16aHUteWktaGFvLXNoaS1kdW8tbGlhbi1taW5nLXFpYS1xdWUtZGluZy1odWFuLXJlbi1mYS15ZS16aGUtc2hvdS1kdS1mYS1zaGVuZy1saWFvLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13885821050941341696/index.html".
other warning URL: https://de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3016-y7NCkBQ2izDZ09Gy2eRsnPWqDI5wIyPR&CFFPCKUUID=9750-ROQS9ww2tOvxh1bjqzgPUfC6uUJaxiQa&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&maindomain=www.bg3.co
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3016-y7NCkBQ2izDZ09Gy2eRsnPWqDI5wIyPR&CFFPCKUUID=9750-ROQS9ww2tOvxh1bjqzgPUfC6uUJaxiQa&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F270mo-qia-you-zhu-yi-hao-shi-duo-lian-ming-qia-que-ding-huan-ren-fa-ye-zhe-shou-du-fa-sheng-liao.html&maindomain=www.bg3.co
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://fcm.holmesmind.com/cm.php
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

76d80a4312d81001005c23532a6c38d7.safeframe.googlesyndication.com
a.audrte.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a3634f3cb0b4767cba36538c2be5a2c5.safeframe.googlesyndication.com
aa.agkn.com
acdn.adnxs.com
ad.360yield.com
ad.holmesmind.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bi.adpushup.com
bidder.criteo.com
c.bing.com
c.holmesmind.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.holmesmind.com
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
cs.r-ad.ne.jp
csm.as.criteo.net
csync.loopme.me
d-40497817543308984597.ampproject.net
de74f02ab777ebb64d4b04898af8c7af.safeframe.googlesyndication.com
delivery.adrecover.com
dis.criteo.com
dps.jp.cinarra.com
ds.uncn.jp
dsum-sec.casalemedia.com
dsum.casalemedia.com
e19a34cd-4cdd-4d91-822a-d2499a5b1a8b.t.ssp.hinet.net
e3.adpushup.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fcm.holmesmind.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fp.holmesmind.com
g2.gumgum.com
gdn.socdm.com
gocm.c.appier.net
google.dap.fw-ad.jp
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.scupio.com
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s3-ap-southeast-2.amazonaws.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.adotmob.com
sync.aralego.com
sync.fout.jp
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
t.ssp.hinet.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.adtrek.co
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
y.one.impact-ad.jp
aa.agkn.com
b1sync.zemanta.com
cm.g.doubleclick.net
core.iprom.net
cs.admanmedia.com
csync.loopme.me
dsum-sec.casalemedia.com
image8.pubmatic.com
onetag-sys.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pool.admedo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
s3-ap-southeast-2.amazonaws.com
sync.go.sonobi.com
sync.outbrain.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
usersync.gumgum.com
www.adtrek.co
x.bidswitch.net
103.132.192.30
103.229.10.171
103.229.206.240
103.231.98.194
103.231.98.195
103.254.153.160
104.16.87.20
104.18.12.76
104.18.13.76
104.18.19.126
104.18.24.173
104.18.99.194
104.211.156.162
104.26.3.91
104.26.5.103
104.71.48.26
104.71.49.155
108.157.109.114
124.146.215.4
13.107.21.200
13.107.42.14
13.112.54.241
13.115.196.111
13.229.186.111
13.230.132.255
13.237.117.95
13.250.207.233
13.33.33.127
13.33.33.27
13.33.88.98
13.76.45.37
139.162.40.113
139.5.84.243
142.250.4.101
142.250.4.154
142.251.10.155
142.251.12.101
142.251.12.156
142.251.12.157
142.251.12.97
145.40.89.200
150.136.26.45
151.101.193.108
151.101.66.49
152.199.39.108
162.19.138.120
172.217.194.132
172.217.194.149
172.217.194.155
172.217.194.94
172.253.118.102
172.253.118.95
18.139.44.145
18.155.68.87
18.177.11.95
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
185.183.112.148
185.84.60.29
198.8.71.131
20.127.253.7
20.212.157.225
202.131.200.84
202.232.238.37
202.241.208.52
203.75.214.136
209.191.163.209
209.191.163.210
210.59.219.181
216.239.38.178
23.106.127.38
23.106.127.52
23.106.69.72
23.41.65.80
23.75.85.227
23.78.217.19
3.126.222.143
34.107.148.139
34.117.219.39
34.193.201.64
34.95.67.231
34.96.105.8
34.96.119.68
34.98.64.218
35.186.193.173
35.190.60.146
35.201.76.93
35.213.109.249
35.213.117.18
35.213.12.39
35.213.93.179
35.244.159.8
35.247.47.28
35.71.178.8
35.73.244.105
38.91.45.7
42.99.140.144
42.99.140.200
44.239.168.124
50.116.239.135
50.16.238.86
51.79.234.101
52.196.174.187
52.220.190.140
52.223.40.198
52.46.155.104
52.74.162.2
52.74.74.2
52.77.9.69
52.95.129.116
54.150.245.94
54.211.207.107
54.249.220.92
54.255.147.224
54.64.204.37
54.75.88.22
54.84.84.112
64.120.88.131
67.199.150.81
67.199.150.82
68.67.160.114
68.67.161.208
69.16.175.42
69.173.144.139
69.173.158.64
69.173.158.65
74.125.200.94
74.125.24.103
74.125.24.132
74.125.24.154
74.125.24.156
74.125.68.155
74.125.68.156
74.125.68.94
74.214.196.131
84.17.37.44
96.17.188.24
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01513572e7cf0b64bb892c936a545f572352a07993f97a63024461efbde136dc
01b4f51cb4adacf39e490eb0b247798243ec108fe29d41f9858ddbdd40a7452a
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
038192d5ad9475223f1dbc9d906ce02502daae866784df87ccecee8c3c8defe8
04af379c37398603077d9d44bfccfb4f4fa3cddcd33a3f1629f25c22031a09a6
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
08f21b415bd9e97d9fbcc9e7c1958b2d9d7a71471e3732fc25f0105f98a1d31c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ab416c95199e325861b98ac0e2fd955c062d2b3e14eec5c5caffb4cd430c3b5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d05d748e2bed6c06d43389b5ce1e231a15bbad2d5b0569106cf95249bc1ae92
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e
0f783484a5c5824a2d690b304ec6934cf448a29d0572213e147fe672978e6f6c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188e573bf1e6355ef4c477989d3871b5bad7e45ac71628ad3a3139284b1e0229
1ac3130c49137e3c7cf968a9f78ce7437699563dc2104b629791dfe7ce744f16
1b672d771ea2e2d6cf15df45fa4978c98d571b4521e5ebedb7b060e65577c127
1b918ab7ac683bfde6f789a81b77ffcaec1b7239fa1972c921e09cb5b28afe8e
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d7a8675b6647538e61d96f183ab74523f08737993efdb3be807781572177bb7
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
21cae797f98ffb57af916d8cc1240a57ba56acffca7064cf03b8a71eb7ae2610
22df71a89a61194292e30547759fa7dd22b7c31e3b4d3b91494480a9b1e545e7
25c22eee2c69b4217b055a95f4bead73ec04923e53a7db83d8d435e4cae5a179
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
2a0031d8e25051911b2fd368ca9766d16c003b8ed9f55a18a6d9a82b5f5c255c
2a6b050dfbee40d9b3dec339c654771ddd057faa8cec3cb3ae9b5b03be10f50f
2d5c1c88c6c948d7508480ea94fabfc63f6c056f84ce2fa555290ebf28c39270
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3204ab2ad39117e6e6edca4b8cf442aba5bebe84d2551d2b13a0878e904e5c76
329207b92af69436ae27bd18018708800f455ee6ceb825411c86a3c659975c05
32ed70d61b938655576f2f31d071f9718cc672efbb416ba69bb30f24eaf5ce9c
330f76ee720927481e92c4f344a43bdf66af209bb74aad6be1ceaf75092928df
33de850682d1c7a0265eac72af330c39f0d59067c7371e6648a80a50f5a9c044
340bfbdf380cc93c957cdc41afd82b19a8ac39137de60e1e5058130823acbc60
355a9bb024259a7da67bbd02e38097bc18fe12f9f824859d7a98d6c066204809
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36bda3b04bf4ab6284353ade779bcd8b3eb4e245add4ca5df0ff31c25421ff02
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c
3a6471fa0019f76dcc734c925c544edf9608d392b40d4a26ef9244d01b7c6b24
3affb7138a23846fc1abd98ec56528e801dc9967fa0a9115c5ed4d80aa511183
3c1886ac9867da46d6c05ca1a0df4d0634b055826d142b12387e0b4fb483ae39
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e5596cfb1f92d12c210d363062b7ca07eacaa2840a4c73b095c2e87e652597d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eff40b5baa173579a18a83e983bc913aa99df9cdde0df72849e6c9309c5ab88
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ec72c152e2fb0c338e2759633457f0ea89297987019e50e2cf449798847340
41f2e55756b62016e6b26d2a6765eb5c74f243c9e0bd7f3254835f714d6997cc
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e
452a447ab582c697f34c330864a68dc1cde9a8c096cb4658bf8c871d95bccd47
45c2af6cf00270892b997265755b086541910d9f5192864a0903eea6b3101aec
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
480c6d422ac35b202cb5c0ff3e440a24c46c4d598282004216321f24544ae625
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e7fa596bba271c09bc91b45d8f11118823504374aff551e34c69a7627ecdca
4ac691506b5a85346f2528026f76e81e4a116bb10e318910065b1ffac686b3f3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5fd409ff8de592e62ceb5d7edbb3d0fde10bcc962c215926c26ae56d10e903
4b7c730c8bb7fb72b76d2e0094c7e002f3334c9e5222559cb323e5ca5b44780b
4c64dbc02e2995030212280c7de9d5c748e3239427a5f3fa1b8578f195e47db6
4cd4c62cef16c9c1060c218f31b42d39e2cb22d2ff282cf9cfa403f4e1224acf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5255712642442166414e4cfc6182afcd7bd0ba36f38c467b50b5f572cfc01e6a
5354c8c5c5e721837aa49b055959d9b0dbd2c04d2f367dd512f267401538e472
5359a5d1904791206d41de0e2c7b9c2ba9eab011833e2f5a474be252979c7e03
53d4699b215095f0487f97f41944872811301341b6aad368922b12e00c55acf0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555c3daf2520cd7e8dc09dcc471b5780859dbc4415a4896a7906bf82ee19b6c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
5be6d94a1c57ddcf9a15446cb0462d83e6f891adcd37d0c68e063bb736bd986b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5ff0e0bba1f87dcc790b41cbdf2247e0989f0165d2d4efe3e4514ca2531b50ef
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61ad68b4764fd7dd17722748665468efb0eef518b0ae7807587c944f3b7ff9c6
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621e7a9010633eb161c9b74eadc45bde15f83750588d8c4418e4b54ffe16acad
62fd7e69b709d10b25c2bfedde4cd56d4411868c1e88a385793badca55973cb9
63af0192ee2fd131b1b79cf8097cb830e3dc9b29580fb378fa089bf0340adfc2
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
63fef893caa8e132a1d76982f6f30e0b39515ed31063853d93ee01cff074798a
64ee123f451321843d5f59ffd8859851b94703f219cf64708becea73171e7d25
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66fa482bd3b385975db3abb16ffbc88f9fbb4f5b0b737540b3fae81e9b47b8e1
6828916f821123b594efeb74662d35fd5afb0b070a45563b35ebc473dc3ead52
682ffa5a005176cfbe0c4e5e062b7d9aa5e406c4031e289a4c220d1c00211642
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aec8ac2a7b20e7548ea318fd21f136c8e4167a99dc261562e7b8998f8c6977e
6b0cf53328e722c6397792a5b5db725ce7416d9e17895a0e457f41c256ad584b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e5b63ce9670129b72e251f4f9dbe67d87df8cc162c732c985612ff4b8ef1c75
6f123aa53cf5ce3f5b2775d908132ea60d7dc3de3cf16cb11e1c7be27e37aa0d
719ea747db8c1745533e9c64c78c9bf541073487fd61dba1b18c5f16d5f17088
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
7509a54fe5d827f469ccfedc968dffe35d21215a8323b4e954948b3fa4e5bace
75f50c261b08272f0db9cf668ef94aaf5fb2fd3bcf7f691c3b960581cd142530
7ab9a81460eec19771cfeddbfbe776142581358496b394f2259ff4f4dcefbefa
7b1748e516872d3ec44b5f5dd98131d5cf81f6e1821a7a6d0f886bc28720aa23
7b37126639961d0475f5f28c9887fbd21671e1a96a891120183d3182365eb586
7e61dcf5fa6f4ac47352e171d567b8c1c47f7d07241aecbfc06ce1b3a9a745db
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
8248df04ccb69bd161bda7d5abf2912054adffe61b2a70c86643e4e411dd63e3
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
89a3cd86231932c1f0588ac9327257c7e7102f9a4252fcaa4ad2269c486a53b1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eceb3b77fb85545a7deaf9b0b5a862291c6ec78d2256c5bdcd35419608d2e26
902f26762d256f720fea716e5230283bafb31ae50b5a7f2309ef0c7160b3912d
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92ed147fc15d3c39f07e271e6f81abbc19e102bddfd92deea299d5b84bef38a1
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
981688a9ab54df24eb8a49e339d34e635082005fb64a29e97059b4f291a3e38b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
999ec0b6b043fe0c44810a1484da546db599402645b13f1d6563a70a07d4af7c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adf576ddd0442b6a67f51585018b423f7548df921fee9591b06f76b453593bd
9c04ce2b767d6acaca434f12b6d6486c4339fd21e3c5c883ad83ff2bf2246372
9d10843b73211d37c1e21416b91114de626394eec8fdfd3ee51ad4de8de89107
9d4ec2fe4054de0bc85f2853bfbe67c2f57775e5508a2dee62fc0cc9e13565f8
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7
9eaa08418e3a297cbdf61fae0bcba3ac0f9531c44afc283a7da126199394b1af
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a338c761e41f1324cfd4118c0fc1009e815050f3fa15c421a0d0c8f516a8a014
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
ac7aedd5ad4b0074cf812f488d52171dece90d64bac34895eb6b8cb15604595a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0c9266540fa62d3de329b74fe53d3c4d3c9e40eb1c504f8841d8bf12bd4091e
b0e53026fbdf31995ad876262629de4c35487aca67620064532c8a77a9abfa18
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16382f8685a8cdb22fc410b4df0b485ca4f66d6004f8998023b36183be3e0f4
b24ccb72ecc2ae9647b0d7a8adb325240b3a65d4ee222fc24137fd823b7abc72
b2ec40061da9773e9e9eceeb7dbfaf4afd13f49d3ab890a8566aec199919624b
b81e2f9fd1425cfdb286de3f8c48da17b58ea35644eec07802406f73d0b410ed
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be524e23870aef024868b813321f41497da19f0eac18c195fa22865f5027c555
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c13dffe4a7ee42eb598e42476ae8148ff7139c789b737501a16701200aaa6233
c156e2771927ce196034439e75f43effeb52ad6875d40bd12daf6f8124a8d445
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e5ecf59c20cd885723675fc055814e6d0f839e139e24aee0b8aa359be98c2a
c3e473d479b570c98cb31c0e98bb2d7ae6284dbfd0e2631bfa4718b9157fdf8d
c44d01dcc4b5ec2d67d2a22a65507a24f24b2c95efa5fb3bd370dace12515d69
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87
c590106c538d6a794d33b08be9570898a47529098712f14a8f55b55f7d189f2c
c699dae460d201dbfdf3a850a83c2cd9c41d0eb96873bdefe263808f531794d5
c9cc37680d2bb1c1dc21bbcccecc2453d8993ecd73c646e16992fa8625202576
cabf0c93ba5889d582e985f93b156242d8c92ea6d3645097bc15d5f8038ab441
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d79977d6666ef96957fbfb1471a5668d29e63435248588f06094e5625d36ebe3
d7d23d3ab2ac96f03704a31fcf43f6a1bda607d4322caea23b6c8b87921cec3e
d8374bc6600715a545574b616214bcc76cc042df5a50f80a1e30c31c348139c4
d989d660e37338ede9ee8746a41f6c67bf628aeb5270ca47e93be75ef4c8d59c
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f
dd043f2f6b13ee8d7e7a04b0f7eaf247899d0d987a1d6dee72b56fdc447a2916
ddd61ecebf36941bd6d1aa20ca07868d826fd9eb6f3a5e660e0afbb703ae6793
dee1d66ca0d1c8bd758668a8ca82fd9e98d10eefcd1f3f10e0336725cab41375
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2c86c0baa1b5d23b94f0d1a632349311c08790bfe692c24903d7d851b8172be
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e396e37cbb706a967089f426f4705851bc6f4d3d2763e408ec27db0a1f54c664
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e57a4cf896194884fdb23b002e13a4650bc341d81651f5803f14b1c18f3bd6bb
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea2baf6565755604335517bd75327839907dd1d8e51d52ecb754ad3b5f8c965b
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
eb850f0aa97c25e486a535d8ed2807b3389eb407cbf2bc566cb3f177d64d580b
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec587886fb7850e267d7d17b2c4611caa8b798b95fbacf7a3a6b77f42c848c65
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef23419b29829ad26bdbac33b6da62422531609065cee2adc0a8d17a001f0393
efc39ee011b8d6bd9782d73457c999dd6ed2dcea0803929e04968a7baa307dbd
efd5d702ff6a3fc55a83a8169b88378fce858743bf2e3fa228a9cab51170b884
f28ae6d64fc2b897822adde03cdf0b40bae06b2c4533d045e69e9229938190d4
f2fd7a35949782d3190c8fbbe987487385857a8954d65b5b24db9708865838cf
f3ebfd3bcea84282729c9026fc76647b7bd47fe90e58732e1a4404e4b3f7d2b8
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f824af6240aaa57ba4104f1969365afa9b6904544545284db4a7469e6a94768a
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fd2e64384d5cc71927cf81f5573a619ed7ca3a09864a1b8ac9167bbe2b1f6f0d
fda78dd6d350cd0f3175f0b9f88accd05c1a821199d84b63d9680553d501bc1f
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e