urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Submission: On November 10 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 12 countries across 90 domains to perform 495 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 99821.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
20 74.125.24.132 15169 (GOOGLE)
1 3 23.108.102.145 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
22 104.26.3.91 13335 (CLOUDFLAR...)
32 172.253.118.156 15169 (GOOGLE)
3 64.120.88.131 133752 (LEASEWEB-...)
2 69.16.175.10 20446 (STACKPATH...)
13 74.125.68.157 15169 (GOOGLE)
2 172.217.194.97 15169 (GOOGLE)
3 142.251.12.138 15169 (GOOGLE)
2 142.251.12.154 15169 (GOOGLE)
5 172.217.194.155 15169 (GOOGLE)
6 172.217.194.157 15169 (GOOGLE)
1 9 142.250.4.154 15169 (GOOGLE)
3 172.217.194.94 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
3 182.161.74.19 55569 (CRITEO-AS...)
3 182.161.73.148 55569 (CRITEO-AS...)
26 74.125.200.132 15169 (GOOGLE)
4 74.125.24.156 15169 (GOOGLE)
27 182.161.73.129 55569 (CRITEO-AS...)
3 182.161.73.132 55569 (CRITEO-AS...)
1 8 74.125.24.103 15169 (GOOGLE)
42 182.161.73.135 55569 (CRITEO-AS...)
6 182.161.73.142 55569 (CRITEO-AS...)
1 3 103.229.10.211 16509 (AMAZON-02)
1 104.16.89.20 13335 (CLOUDFLAR...)
4 24 51.79.234.100 16276 (OVH)
1 35.213.117.18 15169 (GOOGLE)
1 35.166.214.217 16509 (AMAZON-02)
1 2 145.40.89.200 54825 (PACKET)
1 52.77.194.193 16509 (AMAZON-02)
2 12 35.244.159.8 15169 (GOOGLE)
2 7 104.18.19.126 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
3 3.113.214.6 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
6 9 68.67.160.132 29990 (ASN-APPNEX)
1 184.51.137.72 16625 (AKAMAI-AS)
15 34.246.45.103 16509 (AMAZON-02)
1 13.33.88.61 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
3 20.212.157.225 8075 (MICROSOFT...)
3 172.253.118.95 15169 (GOOGLE)
4 7 18.142.1.26 16509 (AMAZON-02)
15 41 142.251.12.157 15169 (GOOGLE)
2 2 35.186.253.211 15169 (GOOGLE)
12 12 70.42.32.95 22075 (AS-OUTBRAIN)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
1 1 52.193.190.16 16509 (AMAZON-02)
1 1 3.1.247.163 16509 (AMAZON-02)
1 104.17.24.14 13335 (CLOUDFLAR...)
4 74.125.204.120 15169 (GOOGLE)
3 182.161.73.136 55569 (CRITEO-AS...)
12 13 15.197.193.217 16509 (AMAZON-02)
3 10 52.223.2.229 16509 (AMAZON-02)
9 184.51.136.24 16625 (AKAMAI-AS)
1 52.222.158.9 16509 (AMAZON-02)
2 104.18.13.76 13335 (CLOUDFLAR...)
8 23.75.85.227 16625 (AKAMAI-AS)
1 184.51.240.199 16625 (AKAMAI-AS)
3 4 13.107.42.14 8068 (MICROSOFT...)
3 3 124.146.215.45 2514 (INFOSPHER...)
1 124.146.215.3 2514 (INFOSPHER...)
1 1 150.95.47.241 7506 (INTERQ GM...)
1 1 13.251.2.7 16509 (AMAZON-02)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 2 162.19.138.82 16276 (OVH)
1 1 142.250.4.102 15169 (GOOGLE)
2 74.125.152.105 15169 (GOOGLE)
2 2 50.116.239.135 6336 (TURN-US-ASN)
2 2 13.33.88.20 16509 (AMAZON-02)
6 6 103.229.206.241 30419 (MEDIAMATH...)
1 2 69.173.144.139 26667 (RUBICONPR...)
8 13 69.173.158.64 26667 (RUBICONPR...)
1 2 23.106.127.164 59253 (LEASEWEB-...)
2 4 35.190.60.146 15169 (GOOGLE)
4 9 52.46.128.147 16509 (AMAZON-02)
7 9 103.231.98.197 62713 (AS-PUBMATIC)
4 5 52.74.162.2 16509 (AMAZON-02)
5 6 35.213.12.39 15169 (GOOGLE)
3 3 23.41.65.80 16625 (AKAMAI-AS)
2 2 198.8.71.131 54312 (ROCKETFUEL)
4 184.51.240.213 16625 (AKAMAI-AS)
12 12 74.118.186.45 26120 (RHYTHMONE)
2 96.17.188.24 16625 (AKAMAI-AS)
2 2 175.41.187.173 16509 (AMAZON-02)
1 182.161.73.146 55569 (CRITEO-AS...)
3 3 23.207.185.68 16625 (AKAMAI-AS)
2 2 3.124.32.217 16509 (AMAZON-02)
2 54.156.112.43 14618 (AMAZON-AES)
1 2 104.18.101.194 13335 (CLOUDFLAR...)
3 4 185.84.60.23 ()
1 204.79.197.200 8068 (MICROSOFT...)
1 54.65.159.169 16509 (AMAZON-02)
1 2 23.106.127.39 59253 (LEASEWEB-...)
4 4 209.191.163.208 14744 (INTERNAP-...)
2 3 52.94.220.185 16509 (AMAZON-02)
1 10 139.5.84.243 27381 (CASALE-MEDIA)
1 2 54.186.170.143 16509 (AMAZON-02)
1 23.106.69.73 59253 (LEASEWEB-...)
2 2 68.67.160.184 29990 (ASN-APPNEX)
2 2 54.163.172.97 ()
4 4 151.101.194.49 54113 (FASTLY)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
5 6 103.231.98.194 ()
1 103.231.98.196 62713 (AS-PUBMATIC)
1 13.237.117.95 16509 (AMAZON-02)
2 2 74.214.196.131 19189 (PULSEPOINT)
3 23.106.127.165 ()
2 2 18.176.162.247 ()
19 13.112.54.241 ()
1 1 35.213.93.179 ()
1 1 54.225.22.7 ()
1 193.122.174.27 ()
1 169.197.150.7 ()
2 2 52.74.140.155 16509 (AMAZON-02)
1 1 80.77.87.161 ()
2 2 185.184.8.90 ()
1 1 8.43.72.97 ()
1 103.231.98.195 ()
1 1 34.83.125.63 ()
495 94
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
20    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
b0b34d9644a03a76c35f13e857675187.safeframe.googlesyndication.com
42b468c16f0772d753874c29b744d369.safeframe.googlesyndication.com
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
3    23.108.102.145 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
22    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
32    172.253.118.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net
pagead2.googlesyndication.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
13    74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net
securepubads.g.doubleclick.net
2    172.217.194.97 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f97.1e100.net
www.googletagmanager.com
3    142.251.12.138 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f138.1e100.net
www.google-analytics.com
2    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
partner.googleadservices.com
5    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
adservice.google.co.nz
6    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
adservice.google.com
9    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
googleads.g.doubleclick.net
3    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
d-1131636251703099984.ampproject.net
fonts.gstatic.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
3    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
26    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
tpc.googlesyndication.com
4    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
www.googletagservices.com
googleads4.g.doubleclick.net
27    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
8    74.125.24.103 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f103.1e100.net
www.google.com
42    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
6    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
3    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.89.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
24    51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    35.166.214.217 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-214-217.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    52.77.194.193 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-194-193.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
7    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
3    3.113.214.6 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-214-6.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
9    68.67.160.132 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    184.51.137.72 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-137-72.deploy.static.akamaitechnologies.com
a.teads.tv
15    34.246.45.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    13.33.88.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-61.sin2.r.cloudfront.net
rules.quantcount.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
3    20.212.157.225 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bi.adpushup.com
3    172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net
fonts.googleapis.com
imasdk.googleapis.com
7    18.142.1.26 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
41    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
cm.g.doubleclick.net
bid.g.doubleclick.net
ade.googlesyndication.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
12    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
1    52.193.190.16 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-190-16.ap-northeast-1.compute.amazonaws.com
google.dap.fw-ad.jp
1    3.1.247.163 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-247-163.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    104.17.24.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    74.125.204.120 (United States)

ASN15169 (GOOGLE, US)
PTR: ti-in-f120.1e100.net
csi.gstatic.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
13    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
10    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
9    184.51.136.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-136-24.deploy.static.akamaitechnologies.com
contextual.media.net
1    52.222.158.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-9.cdg52.r.cloudfront.net
public.servenobid.com
2    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
8    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    184.51.240.199 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-240-199.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    124.146.215.45 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    124.146.215.3 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
gdn.socdm.com
1    150.95.47.241 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-241.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
1    13.251.2.7 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-2-7.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
1    142.250.4.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f102.1e100.net
gcdn.2mdn.net
2    74.125.152.105 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s30-in-f9.1e100.net
r4---sn-ntq7yns7.c.2mdn.net
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-p3.ladsp.com
6    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
13    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    23.106.127.164 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
9    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
9    103.231.98.197 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
5    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
3    23.41.65.80 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-65-80.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    184.51.240.213 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-240-213.deploy.static.akamaitechnologies.com
ads.pubmatic.com
12    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    96.17.188.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-188-24.deploy.static.akamaitechnologies.com
cs.media.net
2    175.41.187.173 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-187-173.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
3    23.207.185.68 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-185-68.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    3.124.32.217 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-32-217.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    54.156.112.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-112-43.compute-1.amazonaws.com
cs.emxdgt.com
2    104.18.101.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
4    185.84.60.23 (None, )

ASN- ()
c1.adform.net
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
1    54.65.159.169 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-159-169.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
2    23.106.127.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
4    209.191.163.208 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
ap.lijit.com
3    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
10    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    54.186.170.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-170-143.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    23.106.69.73 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
2    68.67.160.184 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
2    54.163.172.97 (None, )

ASN- ()
sync.srv.stackadapt.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
6    103.231.98.194 (None, )

ASN- ()
image2.pubmatic.com
1    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    13.237.117.95 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-237-117-95.ap-southeast-2.compute.amazonaws.com
www.adtrek.co
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    23.106.127.165 (None, )

ASN- ()
rtb-csync.smartadserver.com
2    18.176.162.247 (None, )

ASN- ()
match.prod.bidr.io
19    13.112.54.241 (None, )

ASN- ()
usersync.gumgum.com
1    35.213.93.179 (None, )

ASN- ()
a.sportradarserving.com
1    54.225.22.7 (None, )

ASN- ()
sync.ipredictive.com
1    193.122.174.27 (None, )

ASN- ()
sync.technoratimedia.com
1    169.197.150.7 (None, )

ASN- ()
match.deepintent.com
2    52.74.140.155 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-140-155.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
1    80.77.87.161 (None, )

ASN- ()
cs.admanmedia.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    8.43.72.97 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
1    103.231.98.195 (None, )

ASN- ()
image4.pubmatic.com
1    34.83.125.63 (None, )

ASN- ()
um.simpli.fi
Apex Domain
Subdomains		 Transfer
75 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
pix.as.criteo.net — Cisco Umbrella Rank: 15906
csm.as.criteo.net — Cisco Umbrella Rank: 15767
805 KB
66 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
b0b34d9644a03a76c35f13e857675187.safeframe.googlesyndication.com
42b468c16f0772d753874c29b744d369.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 275
619 KB
61 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
bid.g.doubleclick.net — Cisco Umbrella Rank: 672
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
546 KB
31 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 922
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2024
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861
token.rubiconproject.com — Cisco Umbrella Rank: 544
pixel-us-east.rubiconproject.com
55 KB
24 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
11 KB
23 bg3.co
www.bg3.co — Cisco Umbrella Rank: 99821
static.bg3.co
13 KB
21 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 561
ads.pubmatic.com — Cisco Umbrella Rank: 458
image2.pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 662
image4.pubmatic.com
simage4.pubmatic.com Failed
37 KB
20 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1324
usersync.gumgum.com
6 KB
17 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
14 KB
17 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15170
e3.adpushup.com — Cisco Umbrella Rank: 16671
campaign.adpushup.com — Cisco Umbrella Rank: 29370
aplogger.adpushup.com — Cisco Umbrella Rank: 16187
bi.adpushup.com — Cisco Umbrella Rank: 17664
313 KB
16 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1592
public.servenobid.com — Cisco Umbrella Rank: 3158
9 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
325 KB
14 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13712
rtb.openx.net — Cisco Umbrella Rank: 1473
u.openx.net — Cisco Umbrella Rank: 656
us-u.openx.net — Cisco Umbrella Rank: 407
jp-u.openx.net — Cisco Umbrella Rank: 10594
8 KB
14 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 20361
ads.as.criteo.com — Cisco Umbrella Rank: 15481
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 16096
bidder.criteo.com — Cisco Umbrella Rank: 691
gum.criteo.com — Cisco Umbrella Rank: 390
dis.criteo.com — Cisco Umbrella Rank: 631
155 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
5 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
7 KB
12 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
7 KB
12 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 531
8 KB
12 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
5 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 426
28 KB
12 media.net
prebid.media.net — Cisco Umbrella Rank: 1201
contextual.media.net — Cisco Umbrella Rank: 535
cs.media.net — Cisco Umbrella Rank: 1349
18 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 554
eb2.3lift.com — Cisco Umbrella Rank: 339
5 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 519
6 KB
7 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1720
ssbsync.smartadserver.com — Cisco Umbrella Rank: 807
rtb-csync.smartadserver.com
3 KB
7 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 899
x.bidswitch.net — Cisco Umbrella Rank: 281
3 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
3 KB
6 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27807
sync.aralego.com — Cisco Umbrella Rank: 2762
4 KB
5 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 150757
1 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
1 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 862
ap.lijit.com — Cisco Umbrella Rank: 599
2 KB
4 adform.net
c1.adform.net
2 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 540
573 B
4 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 883
gdn.socdm.com — Cisco Umbrella Rank: 78863
4 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
2 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9020
46 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 480
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 906
r4---sn-ntq7yns7.c.2mdn.net
2 MB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
imasdk.googleapis.com — Cisco Umbrella Rank: 413
131 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 917
pixel.quantserve.com — Cisco Umbrella Rank: 664
cms.quantserve.com — Cisco Umbrella Rank: 615
11 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
142 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
510 B
2 creativecdn.com
creativecdn.com
700 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 645
624 B
2 bidr.io
match.prod.bidr.io
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 510
1 KB
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
2 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 471
477 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 942
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 865
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
2 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 695
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25501
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
866 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 479
3 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1763
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
2 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6521
960 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
898 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
1009 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
77 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16217
10 KB
1 simpli.fi
um.simpli.fi
659 B
1 admanmedia.com
cs.admanmedia.com
660 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 sportradarserving.com
a.sportradarserving.com
280 B
1 adtrek.co
www.adtrek.co
399 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2180
419 B
1 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 924
215 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
667 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 618
514 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 133976
401 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 201
5 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 498
356 B
1 fw-ad.jp
google.dap.fw-ad.jp — Cisco Umbrella Rank: 139648
526 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 8225
485 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 847
634 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1371
521 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3711
visitor-fra02.omnitagjs.com Failed
518 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 ampproject.net
d-1131636251703099984.ampproject.net
0 linksynergy.com Failed
tags.rd.linksynergy.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
495 90
Domain Requested by
42 pix.as.criteo.net ads.as.criteo.com
37 cm.g.doubleclick.net 15 redirects 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
onetag-sys.com
eb2.3lift.com
g2.gumgum.com
32 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
27 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
www.bg3.co
26 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
imasdk.googleapis.com
24 onetag-sys.com 4 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
ads.pubmatic.com
22 static.bg3.co www.bg3.co
19 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
15 ads.servenobid.com cdn.adpushup.com
contextual.media.net
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
ssbsync.smartadserver.com
g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
13 match.adsrvr.org 12 redirects cdn.adpushup.com
13 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
12 b1sync.zemanta.com 12 redirects
10 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
www.bg3.co
10 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
9 sync.1rx.io 9 redirects
9 image8.pubmatic.com 7 redirects onetag-sys.com
public.servenobid.com
9 s.amazon-adsystem.com 4 redirects onetag-sys.com
eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
9 pixel.rubiconproject.com 4 redirects onetag-sys.com
www.bg3.co
9 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
9 ib.adnxs.com 6 redirects cdn.adpushup.com
acdn.adnxs.com
9 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
www.bg3.co
8 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
8 www.google.com 1 redirects tpc.googlesyndication.com
www.bg3.co
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
7 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 image2.pubmatic.com 5 redirects ads.pubmatic.com
6 x.bidswitch.net 5 redirects onetag-sys.com
ads.pubmatic.com
6 sync.mathtag.com 6 redirects
6 csm.as.criteo.net ads.as.criteo.com
6 e3.adpushup.com www.bg3.co
6 adservice.google.com pagead2.googlesyndication.com
cdn.ampproject.org
securepubads.g.doubleclick.net
5 ups.analytics.yahoo.com 4 redirects onetag-sys.com
5 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
5 us-u.openx.net 2 redirects u.openx.net
5 adservice.google.co.nz pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync-tm.everesttech.net 4 redirects
4 token.rubiconproject.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 id.rlcdn.com 2 redirects onetag-sys.com
ssbsync.smartadserver.com
4 px.ads.linkedin.com 3 redirects www.bg3.co
4 csi.gstatic.com imasdk.googleapis.com
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 ade.googlesyndication.com www.bg3.co
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 stags.bluekai.com 3 redirects
3 sync.targeting.unrulymedia.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 tg.socdm.com 3 redirects
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 bi.adpushup.com www.bg3.co
3 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 www.googletagservices.com googleads.g.doubleclick.net
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
3 ads.as.criteo.com googleads.g.doubleclick.net
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
3 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 secure.adnxs.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 ap.lijit.com 2 redirects
2 ce.lijit.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 pm.w55c.net 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 ad.turn.com 2 redirects
2 r4---sn-ntq7yns7.c.2mdn.net www.bg3.co
2 id5-sync.com 2 redirects
2 sync.inmobi.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 rtb2-useast.e-volution.ai 2 redirects
2 rtb.openx.net 2 redirects
2 imasdk.googleapis.com 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 um.simpli.fi 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 a.sportradarserving.com 1 redirects
1 www.adtrek.co www.bg3.co
1 googleads4.g.doubleclick.net www.bg3.co
1 image6.pubmatic.com ads.pubmatic.com
1 s.company-target.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 gu.dyntrk.com ssum-sec.casalemedia.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 dis.criteo.com contextual.media.net
1 gcdn.2mdn.net 1 redirects
1 ads.yieldmo.com 1 redirects
1 sync.dsp.reemo-ad.jp 1 redirects
1 gdn.socdm.com www.bg3.co
1 acdn.adnxs.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 cdnjs.cloudflare.com ads.as.criteo.com
1 match.sharethrough.com 1 redirects
1 google.dap.fw-ad.jp 1 redirects
1 dsp.adkernel.com 1 redirects
1 fonts.googleapis.com 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 a.teads.tv cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 campaign.adpushup.com www.bg3.co
1 42b468c16f0772d753874c29b744d369.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 b0b34d9644a03a76c35f13e857675187.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-1131636251703099984.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 simage4.pubmatic.com Failed ads.pubmatic.com
0 tags.rd.linksynergy.com Failed ads.pubmatic.com
0 sync.outbrain.com Failed g2.gumgum.com
0 csync.loopme.me Failed ssum-sec.casalemedia.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 visitor-fra02.omnitagjs.com Failed contextual.media.net
495 152

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-11-01 -
2023-01-10		 2 months crt.sh
*.dyntrk.com
R3		 2022-10-21 -
2023-01-19		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
www.adtrek.co
Amazon		 2022-10-22 -
2023-11-20		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh

This page contains 64 frames:

Primary Page: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Frame ID: B3018A356A58A8413CFEB34C3CF48CC8
Requests: 103 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: D071E02FC7420B9A2EC943DC1807C8AB
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 85411BFDA00E34341C3050CFFFBFA5D8
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: DEFFD7BC8221AF0F06763FE8F133B224
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 00F7E15FA96B19711E07455AE6C9DA03
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195318&bpp=12&bdt=1894&idt=1035&shv=r20221108&mjsv=m202211030101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=2&ga_vid=119349499.1668066196&ga_sid=1668066196&ga_hid=1196881040&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1513&biw=1600&bih=1200&isw=336&ish=280&ifk=641927352&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44776361%2C31070785%2C44770881%2C44775017&oid=2&pvsid=522746669676293&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qlveoaqs175x&btvi=1&fsb=1&dtd=1054
Frame ID: C0C9AF725A6CACE06C5B855A15730C72
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195418&bpp=11&bdt=2008&idt=1120&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=1&ga_vid=2015769107.1668066197&ga_sid=1668066197&ga_hid=472905987&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1771058701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070722%2C31070762%2C44775016&oid=2&pvsid=1547193011255633&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u8ngh8mg8ci8&fsb=1&dtd=1137
Frame ID: 7FEB63A9242DC382D695ECF3FD61C89E
Requests: 8 HTTP requests in this frame

Frame: https://b0b34d9644a03a76c35f13e857675187.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Frame ID: 2BFA553FB196A2DA8F23205A22D53AF3
Requests: 1 HTTP requests in this frame

Frame: https://42b468c16f0772d753874c29b744d369.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Frame ID: FD626DE9DE0886BB87EDE074C3060AFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1882676441639603292&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3279&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=26139005774&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&ga_hid=5774&dt=1668066196607&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&bdt=4534&dtd=521&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 52DA719DE6EBD863787155CED59734FE
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: BC0026CC5370763CE7B184E6BC0EB1F6
Requests: 30 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 67071713728EDCF0A1284E6CD9391156
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A0293CA1641073B3E6A943E5F148E338
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ADAB1B6DC0FDDDCC51C89C16D98D1009
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2A3B3227E4430EBEB559406B63F4AFAD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8ADD5920338208D1C3C7A0FA80F492B1
Requests: 2 HTTP requests in this frame

Frame: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 2768EDCCF70CC9B0346DB34D0C8AEDFE
Requests: 1 HTTP requests in this frame

Frame: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: DD3E51AC9A1D8A68F73EF0C02ADD8D38
Requests: 31 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: 50A88A0B114F1009229233483E96B560
Requests: 13 HTTP requests in this frame

Frame: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 229E7660BF44A60714143B2B117286DD
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF6D6204193C158CDE7745C77BA50098
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8F49D044A557F604E0A559579288CA3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AE9A22B170EB544240DED777D5FEB443
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 142972F23A1A0F98F72CA345F36983DF
Requests: 2 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 9EA0888EF8118F5C2BF7185047AA37AE
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4D2DE8D7EB50A72D57AAD2DB32BAEE65
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A5F13919E93BA992895A413C16BED51C
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1668066199911
Frame ID: 151BFBF6EA4060377ADDC33D3C4B41F9
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 10CB06B22D8C24C78FCE78DEB1520A11
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: C5833B0FCBA4DB334F07BCBCCBA959CB
Requests: 14 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 9567581D0FBC61743188220B01D46F99
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8E308F65DFA9E6A7F210278A52FE94CF
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 20FBB08E058B9BC0B2997C0BB4A6B18F
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9549CB5AC3E9DBF9474275B6483854D0
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3BBF67833CB235F0A247B3BD284ABE81
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 918018545D8EF6AF087D4FC93D57B1A8
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: AD6767056E0227E25FB6A837F637CE80
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: A46040FE3B0E7231182D56BDA5B1EDF4
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3110678047443697000V10&type=rkt&refUrl=&vid=80662044493110678047443697000V10&ovsid=1917759394693106554
Frame ID: 493DBDFFB66303D3EFC9E01AAFCF5A9C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dpba%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3DPM_UID
Frame ID: 2C733D73DF5DEE58297088DDD9CE20AB
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: C640F52C603DB750295AADC10EDFCA08
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 06555193160102C3065AA384F89B0BBB
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 81057E18D4D9B5F48E7D0C65991CD712
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: CEE7E29A86FB0C2B866B81EAF90ECBCD
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 1C1914635E50F0D0AEE24FC64C641E68
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: E96DC31089FB4255ED8D22798F6CA570
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 0850F64ECE499F641F47DFE423B60385
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
Frame ID: E9A46709B40A0C23D6B8DF375E43AAF2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=57d5636c-ab9d-4000-a033-439ce896aa9d&gdpr=0&gdpr_consent=
Frame ID: 9C29D5D1E1211521924EF0358185A895
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y2yrnQAG9LQb5AAT&gdpr=0&gdpr_consent=&_test=Y2yrnQAG9LQb5AAT
Frame ID: 938F810F0C4C129C59A2AB7AFBD678D7
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82ZmZhNzZiZC0xODBlLTRhOGEtOTZiNy0zMTdhNTg3NGNlYWY=&gdpr=0&gdpr_consent=
Frame ID: 59ECF8DB754E7C7777E85034A16ED81A
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 593E092E29ADEE22F530317B74081419
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y2yrnMCo8XUAADMqLl4AAAAA
Frame ID: 892AD182B04DB2A56F658C0D808E39E3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=74822500-8e9b-47da-a9ae-7b967e3c06cf
Frame ID: 69F801F06DB3D1124347E3756674B62B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y2yrnBf675.BQGUmFgNIngAA%265313
Frame ID: 49FC73A7294F0EC82509C9F6340F82F9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=uCtac6SHgVIIOB0xP2Hf&pi=gumgum&tc=1
Frame ID: AB94798DBC2C974778BE7379CD6D6CF2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 83EBCA6E131C3A60F86313CBCD85EE39
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=22DD144A-36EC-49C8-AF8E-9750A0E73917&gdpr=0&gdpr_consent=
Frame ID: 30EF4856DC7194991021EC539F6D1A66
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Frame ID: 3B56F4739B9CD4E45FE6845AD54970CC
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Frame ID: 32E1E610365F99EAABDAC934154BE53C
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Frame ID: 2BD4968354F8C31DCBBCF517038389CD
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Frame ID: 4EE00F8B995712C13A87173EF67BEE1E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Frame ID: B1E0DDF7C36D10CE9E1A283A1A6FFA75
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Frame ID: C6452851EC08F971852B12B311C34E52
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

兄弟洋投魔力下週一軍先發 希克來臺後要10天調整期 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

495
Requests

75 %
HTTPS

0 %
IPv6

90
Domains

152
Subdomains

94
IPs

12
Countries

5086 kB
Transfer

10488 kB
Size

138
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 251
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 256
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGAtsCgWeRu8i_mxWjsYqdo&google_cver=1&google_push=ASkJ3FYDonXyctjVnmA4KV7UL4lyEsAzudhz0jrjV99YjoM5Z2T1dQ_6GEsxO_5gJ1yofn5EmEMG-nrookWaj4v2sH6uBjtj_3ws HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYDonXyctjVnmA4KV7UL4lyEsAzudhz0jrjV99YjoM5Z2T1dQ_6GEsxO_5gJ1yofn5EmEMG-nrookWaj4v2sH6uBjtj_3ws&google_hm=MzI3NTQ5NjU3NDI3NzcyMTQ0OA%3D%3D
Request Chain 257
  • https://rtb.openx.net/sync/dds?google_gid=CAESEF7PGIgiMHhYk426gEkaFEg&google_cver=1&google_push=ASkJ3FajYHUDHGSyJVPhhwzIrxhR8UXCTseK_mCraqYBjuxjVJmCln9jxsghJcXzJZqT2IpKttsWAEUtvjQhcVaxrenROJ32selP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FajYHUDHGSyJVPhhwzIrxhR8UXCTseK_mCraqYBjuxjVJmCln9jxsghJcXzJZqT2IpKttsWAEUtvjQhcVaxrenROJ32selP&google_hm=yvpaLHslzWwWXwB2LoL9Zw==
Request Chain 258
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELx3ylBJ8rhUjAbKFaK89E8&google_cver=1&google_push=ASkJ3FYYkQXQc8hlaF3qiPmpSBM5bK4G7_F2zVH5Z3GRaNeERpg5eWPZp6yY_DCPvKeVCMegvH9_jgiWwCtoR5e9cpv_tk2LJkg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELx3ylBJ8rhUjAbKFaK89E8&google_push=ASkJ3FYYkQXQc8hlaF3qiPmpSBM5bK4G7_F2zVH5Z3GRaNeERpg5eWPZp6yY_DCPvKeVCMegvH9_jgiWwCtoR5e9cpv_tk2LJkg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYYkQXQc8hlaF3qiPmpSBM5bK4G7_F2zVH5Z3GRaNeERpg5eWPZp6yY_DCPvKeVCMegvH9_jgiWwCtoR5e9cpv_tk2LJkg&google_hm=OUlHYUVwX2RUN1Q1dkJ5dDdmck0=
Request Chain 259
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEITDiWikFfzYe6uzzv6_bLU&google_cver=1&google_push=ASkJ3FbpSEmo_Bg9AytgQyQlyIdLd5q3iWgcYAkbQZsGkJV--rX0fsH0jMMP6jO8DzRSRhxwmNTttsT-zR1A2U5uPwH76WYR_NEY HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEITDiWikFfzYe6uzzv6_bLU%26google_cver%3D1%26google_push%3DASkJ3FbpSEmo_Bg9AytgQyQlyIdLd5q3iWgcYAkbQZsGkJV--rX0fsH0jMMP6jO8DzRSRhxwmNTttsT-zR1A2U5uPwH76WYR_NEY HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8701406061917351773&exchange=193&google_gid=CAESEITDiWikFfzYe6uzzv6_bLU&google_cver=1&google_push=ASkJ3FbpSEmo_Bg9AytgQyQlyIdLd5q3iWgcYAkbQZsGkJV--rX0fsH0jMMP6jO8DzRSRhxwmNTttsT-zR1A2U5uPwH76WYR_NEY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg3MDE0MDYwNjE5MTczNTE3NzM&google_push=ASkJ3FbpSEmo_Bg9AytgQyQlyIdLd5q3iWgcYAkbQZsGkJV--rX0fsH0jMMP6jO8DzRSRhxwmNTttsT-zR1A2U5uPwH76WYR_NEY
Request Chain 260
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESECbXSQ0F4r4U7UjGcVlI5Xw&google_cver=1&google_push=ASkJ3FaQZcBTV_J_LdxvOECu723UbRoL1Qeo65F9e7dcFFo_GVM0jUlyeDo7JhvGbgvLwQ_3xOYHzpk_Zgq-2BI3S0csCWLiOPoR1w HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FaQZcBTV_J_LdxvOECu723UbRoL1Qeo65F9e7dcFFo_GVM0jUlyeDo7JhvGbgvLwQ_3xOYHzpk_Zgq-2BI3S0csCWLiOPoR1w&google_hm=YjI0ZTUzYzItOTM3Ni0zNGNjLWIxNzQtNjcyMmZmNTIyYjU2
Request Chain 261
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESENpga0djb-o2uu2Zai5E44s&google_cver=1&google_push=ASkJ3Fa9SIPUW3Apyv7_ruh3aMClkAOZlJ7jV9OP93sZabWLpeThGy3tdGiKMK_6ZI49YMZfwyPXFjVLyTr3IDBw7l5amz5chwFyUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZTgyZDI4OTktZTMyNi00MzA1LTk4MzgtN2NhMTY2NTUzYWNm&google_push=ASkJ3Fa9SIPUW3Apyv7_ruh3aMClkAOZlJ7jV9OP93sZabWLpeThGy3tdGiKMK_6ZI49YMZfwyPXFjVLyTr3IDBw7l5amz5chwFyUQ
Request Chain 262
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEE41RIxNdufUX_Fq5qxzvfI&google_cver=1&google_push=ASkJ3FZ08I-m0XDImHb9issyaHZr2Fo8XKwEas5uQERpuQvfwiBgSWB_Rfn4S6zRXDCckP72vPInwiUmXVSXmGQDYS_vYGU0CvwboA HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEE41RIxNdufUX_Fq5qxzvfI&google_push=ASkJ3FZ08I-m0XDImHb9issyaHZr2Fo8XKwEas5uQERpuQvfwiBgSWB_Rfn4S6zRXDCckP72vPInwiUmXVSXmGQDYS_vYGU0CvwboA&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ08I-m0XDImHb9issyaHZr2Fo8XKwEas5uQERpuQvfwiBgSWB_Rfn4S6zRXDCckP72vPInwiUmXVSXmGQDYS_vYGU0CvwboA&google_hm=OUlHYUVwX2RUN1Q1dkJ5dDdmck0=
Request Chain 298
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 305
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPnirxurNhFKOwzzNbj2h70&google_cver=1&google_push=ASkJ3Fa53EY6OMnQJjxhCTbAVKilYiB7VZYxwAXDRMOoVt7g_p8MIscmMRwOcszdlj0qhPVieESC2FC0fzi28rrBiSp6wFW7xHfFtS-3j5CMxogxjVOzebKZmntEooi1W4Nd55UOiep3eQRZfwV6nkvV5O8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3Fa53EY6OMnQJjxhCTbAVKilYiB7VZYxwAXDRMOoVt7g_p8MIscmMRwOcszdlj0qhPVieESC2FC0fzi28rrBiSp6wFW7xHfFtS-3j5CMxogxjVOzebKZmntEooi1W4Nd55UOiep3eQRZfwV6nkvV5O8
Request Chain 306
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEH1Baf-Q8YIVb_3LEUl0q3Q&google_cver=1&google_push=ASkJ3FaPa1cqCOCWZNUTz8y1YSNinf7ZBDhmG5LDW0yoCyMra_qZqW9pf8deIY0tg5didOuljcbmm8xzVZzO_XqHEI2SQYVAiOpanRhmRWkQC3cy2heu7SSIjBiamHpcx8HpxqK4Xlea3SRXf43ZwWnlBks HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTJ5cm5NQ284WFVBQURNcUxsNEFBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEH1Baf-Q8YIVb_3LEUl0q3Q&google_cver=1
Request Chain 307
  • https://rtb.openx.net/sync/dds?google_gid=CAESEF7PGIgiMHhYk426gEkaFEg&google_cver=1&google_push=ASkJ3FZACjRgBH9dWeccH7LEImYZ16hHX30Z9hqhDnbGzNEbfRoa2Gu_EthuxP8ZaUtfx3VdjizAfLMXb9zxDx9XP6bgBm3oo1lAUOmNBs9tQhjQ7Yiwijx50rGF7j6NUpRPmudrg8Dt3asyOUaC-lw-J5c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZACjRgBH9dWeccH7LEImYZ16hHX30Z9hqhDnbGzNEbfRoa2Gu_EthuxP8ZaUtfx3VdjizAfLMXb9zxDx9XP6bgBm3oo1lAUOmNBs9tQhjQ7Yiwijx50rGF7j6NUpRPmudrg8Dt3asyOUaC-lw-J5c&google_hm=yvpaLHslzWwWXwB2LoL9Zw==
Request Chain 308
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEHjIP_RGXK819H26k730x_U&google_cver=1&google_push=ASkJ3FYY2aPf1r4-fN-Cpda2l_DoUbGWGOiayVlLgCQybFsE3oHWCPCFOeiROdrC4GsBh-_7-L0rQBAMlbMV4H_Elvh_JoY6IgxKEOKjngq81Vvawmf8wiqeRKyzBYrj6fc8waqpFJLaXwRzZ7qcYcqOwg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FYY2aPf1r4-fN-Cpda2l_DoUbGWGOiayVlLgCQybFsE3oHWCPCFOeiROdrC4GsBh-_7-L0rQBAMlbMV4H_Elvh_JoY6IgxKEOKjngq81Vvawmf8wiqeRKyzBYrj6fc8waqpFJLaXwRzZ7qcYcqOwg
Request Chain 309
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGdxK1w9rZ2sH-OXZoh3qfM&google_cver=1&google_push=ASkJ3FbOUc-_8a0tjREbP0JoTrx3bfhRBFH7kSjx4JeEVDHIyhJbXuT4cvdMMjZx6JCSO7_BJnJ9UsUus9EDCWem3ZbrGgy4szK3bB2nEX2TRrSaQGfzD4U-zMOXTddEqH3mES4Ld80Knd30hogWcG_kqqk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbOUc-_8a0tjREbP0JoTrx3bfhRBFH7kSjx4JeEVDHIyhJbXuT4cvdMMjZx6JCSO7_BJnJ9UsUus9EDCWem3ZbrGgy4szK3bB2nEX2TRrSaQGfzD4U-zMOXTddEqH3mES4Ld80Knd30hogWcG_kqqk&google_hm=ZzQxMDgwNjdhMTk3Y2YyZDgzMWY=
Request Chain 310
  • https://sync.inmobi.com/gob?google_gid=CAESEJaGKqhSHcw1RTmNSMUvx4Q&google_cver=1&google_push=ASkJ3FYCrWqmF6lgtBTlw0Pcn5Uw-HzpoWEiMv50vfyLidTGC2TqlCyXxbvuFxaTnRCAaih-6zhBlz3LSTlsmfttH4EIdifDxO_iUnEq6JSFPSZ6T314sKubPP9lHu3sR6dLjGlzKxM_9LRyID1WSiP8X50 HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FYCrWqmF6lgtBTlw0Pcn5Uw-HzpoWEiMv50vfyLidTGC2TqlCyXxbvuFxaTnRCAaih-6zhBlz3LSTlsmfttH4EIdifDxO_iUnEq6JSFPSZ6T314sKubPP9lHu3sR6dLjGlzKxM_9LRyID1WSiP8X50 HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOpKO80yO7jfZI2QyGbFO19nk0PZETU1se_YpoWA&google_push=ASkJ3FYCrWqmF6lgtBTlw0Pcn5Uw-HzpoWEiMv50vfyLidTGC2TqlCyXxbvuFxaTnRCAaih-6zhBlz3LSTlsmfttH4EIdifDxO_iUnEq6JSFPSZ6T314sKubPP9lHu3sR6dLjGlzKxM_9LRyID1WSiP8X50 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=9aCHoMJbErMJyBFxIS18&google_push=ASkJ3FYCrWqmF6lgtBTlw0Pcn5Uw-HzpoWEiMv50vfyLidTGC2TqlCyXxbvuFxaTnRCAaih-6zhBlz3LSTlsmfttH4EIdifDxO_iUnEq6JSFPSZ6T314sKubPP9lHu3sR6dLjGlzKxM_9LRyID1WSiP8X50&google_nid=inmobi_new_eb
Request Chain 311
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEE41RIxNdufUX_Fq5qxzvfI&google_cver=1&google_push=ASkJ3FZ79ZQVJfo49nuQwqZVMxWO-IlOIR1Kwus1RcvmTPaIVQuc5GjXTecgqoXq8x5JWJHP2YI5ozbxcKe5SCFJnuj8scu0-53ZY0ZIknhGlCifgLacB6aFzeM9Cov67YRZHGK003Yu0FaJigJrXOhvUA9K HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEE41RIxNdufUX_Fq5qxzvfI&google_push=ASkJ3FZ79ZQVJfo49nuQwqZVMxWO-IlOIR1Kwus1RcvmTPaIVQuc5GjXTecgqoXq8x5JWJHP2YI5ozbxcKe5SCFJnuj8scu0-53ZY0ZIknhGlCifgLacB6aFzeM9Cov67YRZHGK003Yu0FaJigJrXOhvUA9K&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ79ZQVJfo49nuQwqZVMxWO-IlOIR1Kwus1RcvmTPaIVQuc5GjXTecgqoXq8x5JWJHP2YI5ozbxcKe5SCFJnuj8scu0-53ZY0ZIknhGlCifgLacB6aFzeM9Cov67YRZHGK003Yu0FaJigJrXOhvUA9K&google_hm=WmtNUy1ma0ZfbG1sWWJkZ3dPMVY=
Request Chain 314
  • https://gcdn.2mdn.net/videoplayback/id/8f877c055b2c8c49/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699602203/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/6E7CAAE5DBACE8B24527A61E72617D4F31604BB2.444B814E7FE538770B8BD949E0B1889DE89E0AE2/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-ntq7yns7.c.2mdn.net/videoplayback/id/8f877c055b2c8c49/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699602203/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/83D1B464349D1379757CA7D9715C42433CDE058C.62782B29063FEB45A41073E9507FD67AD1178C84/key/cms1/cms_redirect/yes/mh/lW/mip/116.90.74.196/mm/42/mn/sn-ntq7yns7/ms/onc/mt/1668065804/mv/m/mvi/4/pl/24/file/file.mp4
Request Chain 316
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7899739521075907908&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 317
  • https://match.adsrvr.org/track/cmf/openx?oxid=15acd010-d2a3-7442-f02b-4cc1fd9bc7dd&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=15acd010-d2a3-7442-f02b-4cc1fd9bc7dd&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&ttd_puid=15acd010-d2a3-7442-f02b-4cc1fd9bc7dd&gdpr=0&gdpr_consent=
Request Chain 318
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2yrnMCo8YoAACKuChcAAAAA
Request Chain 319
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdhvWWm5zX9Bks8ADv_jFMtnTs8AAAGEYH5cdA
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBRi6L7o757dsMLUFu6rMW0&google_cver=1
Request Chain 323
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 325
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=f21c636c-ab9c-4800-a9ef-096eb7353973&gdpr=1&gdpr_consent=
Request Chain 327
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=82151895700031269
Request Chain 329
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGB-WxGAaixd4FFxO8fbeq4nsL0sEZY2mA
Request Chain 331
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCJzXspsGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 332
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ieedz1eVSTuPwT6-jxzKRcOFRRP-IjUN2NzzqYvR6WE
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMRarS-N5C10YkwELMgSXvY&google_cver=1
Request Chain 336
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=
Request Chain 342
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 343
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Drkt%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110678047443697000V10&type=rkt&refUrl=&vid=80662044493110678047443697000V10&ovsid=1917759394693106554
Request Chain 345
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dapx%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=apx&refUrl=&vid=80662044493110678047443697000V10&ovsid=82151895700031269
Request Chain 346
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dopx%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110678047443697000V10&type=opx&refUrl=&vid=80662044493110678047443697000V10&ovsid=dd80b98f-79a3-4ea2-9364-32af4f745501
Request Chain 347
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dmma%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=mma&refUrl=&vid=80662044493110678047443697000V10&ovsid=57d5636c-ab9d-4000-a033-439ce896aa9d
Request Chain 348
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dr1%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dr1%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3D%5BRX_UUID%5D&cb=1668066205357 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5330125437 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/bf6d1ace-8c1a-4767-8ec3-de81b704f2d4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzExMDY3ODA0NzQ0MzY5NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEDYRFSqkmqPoWlMsH2RM80Y&google_cver=1
Request Chain 350
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=dxu&refUrl=&vid=80662044493110678047443697000V10&ovsid=ceewYElP1OT2dD5
Request Chain 352
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=555dc689-7fb0-4275-89a6-380ad5b649a9&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171249703&expires=5 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=b0e07e9c-6179-41d6-a78b-e576e8089484&name=BIDSWITCH HTTP 307
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=BIDSWITCH&uid=2a62ca3297af454b8f19eb7922ed945f&visitor=b0e07e9c-6179-41d6-a78b-e576e8089484
Request Chain 353
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dzem%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZkMS-fkF_lmlYbdgwO1V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2NNGVGLLGNNDF63DNNRMWEZDHO5HTCVRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DANRWGIYDINBUHEZTCMJQGY3TQMBUG42DIMZWHE3TAMBQKYYTAJTWONUWIPJTGEYTANRXHAYDINZUGQZTMOJXGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2NNGVGLLGNNDF63DNNRMWEZDHO5HTCVRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DANRWGIYDINBUHEZTCMJQGY3TQMBUG42DIMZWHE3TAMBQKYYTAJTWONUWIPJTGEYTANRXHAYDINZUGQZTMOJXGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=ZkMS-fkF_lmlYbdgwO1V&refUrl=&type=zem&vid=80662044493110678047443697000V10&vsid=3110678047443697000V10
Request Chain 354
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3110678047443697000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3110678047443697000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=4e8432a4-d7cd-4488-a9e7-725aa7756d87&cs=1
Request Chain 356
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
Request Chain 357
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&dongle=0cfd
Request Chain 358
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTkxMTA0NTE4MjkwOTUzNjIyMjY%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBUKi4ZBZd9EKkAl8oQutnY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 360
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTkxMTA0NTE4MjkwOTUzNjIyMjY%3D
Request Chain 361
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=19110451829095362226&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=19110451829095362226&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5541c7f8-5965-4114-b955-2cfc98cbcdee&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5541c7f8-5965-4114-b955-2cfc98cbcdee&_noobservation=1&_expected_cookie=5ad02cf8ace0a3cd796118e7b9f96d64
Request Chain 362
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=19110451829095362226&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=19110451829095362226&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7824899847300015785&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=b0e07e9c-6179-41d6-a78b-e576e8089484&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 363
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/19110451829095362226?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-EkCT3AhE2oSf3l_Pdi672WIEqNw89THMgfoefFRQ_A--~A&dongle=0883
Request Chain 364
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=19110451829095362226 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=19110451829095362226&dcc=t
Request Chain 366
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=82151895700031269&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 373
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 375
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=82151895700031269
Request Chain 376
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FoHPCLZHh5fIimBXQ06ubDv6
Request Chain 377
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FoHPCLZHh5fIimBXQ06ubDv6
Request Chain 378
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668066205357 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4109011252 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/bf6d1ace-8c1a-4767-8ec3-de81b704f2d4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004
Request Chain 379
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1917759394693106573
Request Chain 381
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F20007%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253Dbec707ae-4252-404c-bea1-7aa0cafadbd7%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Request Chain 382
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
Request Chain 383
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtM2I0MTRhMmUtMmExNS0zNmMxLWI5OWQtMDg4ZDQ5YzIyMjFlMgIGDDgB%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F29654%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Dbec707ae-4252-404c-bea1-7aa0cafadbd7%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nSUdERGdCJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-3b414a2e-2a15-36c1-b99d-088d49c2221e&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUq3wNodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMC8yOTY1ND9nZHByPTAmZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PSZBPWJlYzcwN2FlLTQyNTItNDA0Yy1iZWExLTdhYTBjYWZhZGJkNyZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTl6YzNBdVpHbHpjWFZ6TG1OdmJTOXRZWFJqYUQ5aWFXUmtaWEk5TmlaeVBVTnBaREZaVXpCNldXcFJlRTVIUlhsYVV6QjVXVlJGTVV4VVRUSlpla1YwV1dwck5WcERNSGRQUkdoclRrUnNhazFxU1hsTlYxVnhWVEpvTUdSSVFucFBhVGgyV1ZkU2VreHVUbXhqYmxwc1ltMDVhV0ZYVVhWWk1qbDBURE5PTldKdFRWOWpSMnhyVUZSTk1FNXBXakZoVjFFNVpGZEZkRTB5U1RCTlZGSm9UVzFWZEUxdFJYaE9VekI2VG0xTmVFeFhTVFZQVjFGMFRVUm5ORnBFVVRWWmVrbDVUV3BHYkUxblNVZEVSR2RDSm1KMWVXVnlkV2xrUFElM0QlM0QmdWlkPXVhLTNiNDE0YTJlLTJhMTUtMzZjMS1iOTlkLTA4OGQ0OWMyMjIxZTICDBI4AQ== HTTP 302
  • https://ssp.disqus.com/match?bidder=12&buyeruid=FoHPCLZHh5fIimBXQ06ubDv6&r=Cid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUq3wNodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMC8yOTY1ND9nZHByPTAmZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PSZBPWJlYzcwN2FlLTQyNTItNDA0Yy1iZWExLTdhYTBjYWZhZGJkNyZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTl6YzNBdVpHbHpjWFZ6TG1OdmJTOXRZWFJqYUQ5aWFXUmtaWEk5TmlaeVBVTnBaREZaVXpCNldXcFJlRTVIUlhsYVV6QjVXVlJGTVV4VVRUSlpla1YwV1dwck5WcERNSGRQUkdoclRrUnNhazFxU1hsTlYxVnhWVEpvTUdSSVFucFBhVGgyV1ZkU2VreHVUbXhqYmxwc1ltMDVhV0ZYVVhWWk1qbDBURE5PTldKdFRWOWpSMnhyVUZSTk1FNXBXakZoVjFFNVpGZEZkRTB5U1RCTlZGSm9UVzFWZEUxdFJYaE9VekI2VG0xTmVFeFhTVFZQVjFGMFRVUm5ORnBFVVRWWmVrbDVUV3BHYkUxblNVZEVSR2RDSm1KMWVXVnlkV2xrUFElM0QlM0QmdWlkPXVhLTNiNDE0YTJlLTJhMTUtMzZjMS1iOTlkLTA4OGQ0OWMyMjIxZTICDBI4AQ== HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUq3wNodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMC8yOTY1ND9nZHByPTAmZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PSZBPWJlYzcwN2FlLTQyNTItNDA0Yy1iZWExLTdhYTBjYWZhZGJkNyZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTl6YzNBdVpHbHpjWFZ6TG1OdmJTOXRZWFJqYUQ5aWFXUmtaWEk5TmlaeVBVTnBaREZaVXpCNldXcFJlRTVIUlhsYVV6QjVXVlJGTVV4VVRUSlpla1YwV1dwck5WcERNSGRQUkdoclRrUnNhazFxU1hsTlYxVnhWVEpvTUdSSVFucFBhVGgyV1ZkU2VreHVUbXhqYmxwc1ltMDVhV0ZYVVhWWk1qbDBURE5PTldKdFRWOWpSMnhyVUZSTk1FNXBXakZoVjFFNVpGZEZkRTB5U1RCTlZGSm9UVzFWZEUxdFJYaE9VekI2VG0xTmVFeFhTVFZQVjFGMFRVUm5ORnBFVVRWWmVrbDVUV3BHYkUxblNVZEVSR2RDSm1KMWVXVnlkV2xrUFElM0QlM0QmdWlkPXVhLTNiNDE0YTJlLTJhMTUtMzZjMS1iOTlkLTA4OGQ0OWMyMjIxZTICDBI4Ag==
Request Chain 384
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
Request Chain 385
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8AXhYxbOR6GA2tbngC_VjQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8AXhYxbOR6GA2tbngC_VjQ
Request Chain 386
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=&expires=30
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENGPcqcuDf6SHx0-RJ0sEIo&google_cver=1
Request Chain 388
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xVGdepTbS4-uN5hHM1Kl0w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xVGdepTbS4-uN5hHM1Kl0w
Request Chain 389
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFBUkpQMlQtMUctRVFCUA==
Request Chain 390
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZCOqoM_FPtaFeK_HAChH-cn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3275496574277721448
Request Chain 391
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAARJP2T-1G-EQBP
Request Chain 392
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDNiNzljYjE2OWQ4N2FhNzM5YmFhMjZiMTVkZTkxOGQ2NmZhZjAwMQ
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0ucNu14KHo5bCZc57SvE8&google_cver=1
Request Chain 395
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&expiration=1670658205&gdpr=0&gdpr_consent=
Request Chain 396
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2yrnBf675.BQGUmFgNIngAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOOYwGgtF0r3l1fBHxsnCRg&google_cver=1&google_hm=2
Request Chain 397
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB&dcc=t
Request Chain 399
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB
Request Chain 400
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y2yrnBf675.BQGUmFgNIngAA%265313?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2yrnBf675.BQGUmFgNIngAA%265313
Request Chain 404
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=82151895700031269
Request Chain 405
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f21c636c-ab9c-4800-a9ef-096eb7353973
Request Chain 406
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7899739521075907908
Request Chain 407
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6MjTOHNtSvtww2vhhmwXNnRaSsQ
Request Chain 408
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y2yrnQAAACEclwAW HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2yrnQAAACEclwAW&_test=Y2yrnQAAACEclwAW
Request Chain 410
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683704605&external_user_id=b73cf5c5-9ac5-4c8f-aaaf-a30420736b94
Request Chain 412
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGB-XuQsrDHW_L-nVZFV_4zDlrS_fIWPYg
Request Chain 414
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=f21c636c-ab9c-4800-a9ef-096eb7353973&gdpr=0&gdpr_consent=
Request Chain 415
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LAARJP2T-1G-EQBP&gdpr=0
Request Chain 416
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=82151895700031269
Request Chain 418
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=7727628708377415441
Request Chain 419
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=4t_61HeVIRJ89wiFNHbBRdtnwUZe8yrmqz3gqDv9yQU
Request Chain 420
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0IzQUZEQUItNzQxRC00ODg0LTkzMjctNjBBRUJCNTc2RjA3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMRarS-N5C10YkwELMgSXvY&google_cver=1
Request Chain 422
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
Request Chain 423
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=
Request Chain 424
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8651013d-a20b-4489-b92f-ed7279ff94fa&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=b0e07e9c-6179-41d6-a78b-e576e8089484&gdpr=&gdpr_consent=&us_privacy=
Request Chain 432
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICEODbv-4CGL3YwdQBIAEwAQ&v=APEucNV-IRZKXiqEos-wySE6mztfL83Sg4ynPd9eAgc8hpRs6jAm30RxTjh5Lbhgq2L9QZ4M_NH5sXhfmIjPtVWDxKFtPVXoWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOOYwGgtF0r3l1fBHxsnCRg&google_cver=1
Request Chain 439
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=dXrBHUDEzRGl&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 441
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZkMS-fkF_lmlYbdgwO1V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5LJVU2UZNMZVUMX3MNVWFSYTEM53U6MKW&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5LJVU2UZNMZVUMX3MNVWFSYTEM53U6MKW HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=ZkMS-fkF_lmlYbdgwO1V
Request Chain 442
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACwfE7G2VcAACBJvozevQ&gdpr=0
Request Chain 443
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=82151895700031269
Request Chain 444
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_6ffa76bd-180e-4a8a-96b7-317a5874ceaf&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=0&user_id=&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=b0e07e9c-6179-41d6-a78b-e576e8089484
Request Chain 445
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bed634f2-284a-4f77-4245-cd14483ce843$ip$116.90.74.196
Request Chain 446
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_6ffa76bd-180e-4a8a-96b7-317a5874ceaf&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZkMS-fkF_lmlYbdgwO1V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WTLJVJS2ZTLIZPWY3LMLFRGIZ3XJ4YVMJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WTLJVJS2ZTLIZPWY3LMLFRGIZ3XJ4YVMJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=ZkMS-fkF_lmlYbdgwO1V&us_privacy=1---
Request Chain 447
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1668066205667 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6214185625 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/bf6d1ace-8c1a-4767-8ec3-de81b704f2d4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1ca1f581-9d5a-4b13-8c2d-99ebc54be868-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-1ca1f581-9d5a-4b13-8c2d-99ebc54be868-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-1ca1f581-9d5a-4b13-8c2d-99ebc54be868-004
Request Chain 448
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=YDjDtWq3i20p&ev=1&pid=558355
Request Chain 449
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28RojUjOjSWoUbzFD-paWSyKSXpWbqfs1XPA81KfItpSlkFgHWdX47K3PqsM5P9JN9%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28RojUjOjSWoUbzFD-paWSyKSXpWbqfs1XPA81KfItpSlkFgHWdX47K3PqsM5P9JN9%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_6ffa76bd-180e-4a8a-96b7-317a5874ceaf&obuid=ENC(RojUjOjSWoUbzFD-paWSyKSXpWbqfs1XPA81KfItpSlkFgHWdX47K3PqsM5P9JN9) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26obUid%3DRojUjOjSWoUbzFD-paWSyKSXpWbqfs1XPA81KfItpSlkFgHWdX47K3PqsM5P9JN9%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=RojUjOjSWoUbzFD-paWSyKSXpWbqfs1XPA81KfItpSlkFgHWdX47K3PqsM5P9JN9&uid=a5bdf917-ad4d-49be-9344-1e6c452000f6
Request Chain 450
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e2917460-fab6-4c14-9750-5c2c35cbc69b
Request Chain 451
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Va.xTGFE2pdap43oFoH6lD1E5KCjLYqGH9R0~A
Request Chain 452
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=2e220cec-2ef6-4d71-b74c-e1e55e216d81
Request Chain 455
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=af3a6d1a-3e69-4e18-9898-e662ab8a81af
Request Chain 456
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=9019358801462185955
Request Chain 459
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
Request Chain 460
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=57d5636c-ab9d-4000-a033-439ce896aa9d&gdpr=0&gdpr_consent=
Request Chain 461
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y2yrnQAG9LQb5AAT HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y2yrnQAG9LQb5AAT&gdpr=0&gdpr_consent=&_test=Y2yrnQAG9LQb5AAT
Request Chain 464
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y2yrnMCo8XUAADMqLl4AAAAA
Request Chain 465
  • https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA] HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=74822500-8e9b-47da-a9ae-7b967e3c06cf
Request Chain 466
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y2yrnBf675.BQGUmFgNIngAA%265313
Request Chain 467
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=uCtac6SHgVIIOB0xP2Hf&pi=gumgum&tc=1
Request Chain 468
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 473
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LAARJP2T-1G-EQBP HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LAARJP2T-1G-EQBP
Request Chain 474
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LAARJP2T-1G-EQBP HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAARJP2T-1G-EQBP
Request Chain 476
  • https://c1.adform.net/serving/cookie/match?party=14&cid=22DD144A-36EC-49C8-AF8E-9750A0E73917&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=22DD144A-36EC-49C8-AF8E-9750A0E73917&gdpr=0&gdpr_consent=
Request Chain 477
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:57d5636c-ab9d-4000-a033-439ce896aa9d&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2485451603664769230 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 478
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2yrnQAG9LQb5AAT&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2485451603664769230 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 479
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xrdsxfl8te7 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2485451603664769230 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 480
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WvJOxg2jQZ1B9kidXaNVxg-kSJBBo06VWvZAtWUT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Request Chain 481
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=82151895700031269&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Request Chain 483
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=It0USjbsScivjpdQoOc5Fw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 484
  • https://idsync.rlcdn.com/420486.gif?partner_uid=22DD144A-36EC-49C8-AF8E-9750A0E73917 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=957e8e218f4394450b24f831b03abc74e979e3cdf017a3b81d2d81addac8c5c3791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5NTdlOGUyMThmNDM5NDQ1MGIyNGY4MzFiMDNhYmM3NGU5NzllM2NkZjAxN2EzYjgxZDJkODFhZGRhYzhjNWMzNzkxNDI2YjU0MTdkY2UyMRAAGgwIn9eymwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5NTdlOGUyMThmNDM5NDQ1MGIyNGY4MzFiMDNhYmM3NGU5NzllM2NkZjAxN2EzYjgxZDJkODFhZGRhYzhjNWMzNzkxNDI2YjU0MTdkY2UyMRAAGgwIn9eymwYSBAgCEABCAEoA&google_gid=CAESEHXHCi-wjs33vAZ9nzkn6G8&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
Request Chain 485
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=57d5636c-ab9d-4000-a033-439ce896aa9d
Request Chain 486
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJERDE0NEEtMzZFQy00OUM4LUFGOEUtOTc1MEEwRTczOTE3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Request Chain 487
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIT4br2TfoirTQXQ6sRLAdA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Request Chain 488
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0718DF2FD56F4D5BB321A9C98196E6D8
Request Chain 490
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2485451603664769230 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 492
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LAARJP2T-1G-EQBP HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LAARJP2T-1G-EQBP

495 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
www.bg3.co/a/ 		48 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dfcbba70a0e40168406571fbb3e6d405fb815666225f12ed64fd4a17568587b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 10 Nov 2022 07:43:11 GMT
ETag
"c01e-WwphhfzPUecwJfadRULyA2JM/Cs"
Expires
Thu, 10 Nov 2022 08:43:11 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
188e573bf1e6355ef4c477989d3871b5bad7e45ac71628ad3a3139284b1e0229
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 07:43:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72561
x-xss-protection
0
server
sffe
etag
"8c5dc74afc4fee5e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 07:43:12 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
2a6b050dfbee40d9b3dec339c654771ddd057faa8cec3cb3ae9b5b03be10f50f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 07:43:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9659
x-xss-protection
0
server
sffe
etag
"4254571f41355952"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 07:43:12 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ec587886fb7850e267d7d17b2c4611caa8b798b95fbacf7a3a6b77f42c848c65
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 07:43:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
server
sffe
etag
"39279299a806cd29"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 07:43:12 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
c3e473d479b570c98cb31c0e98bb2d7ae6284dbfd0e2631bfa4718b9157fdf8d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 07:43:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31984
x-xss-protection
0
server
sffe
etag
"1fa26b097e24ff6d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 07:43:12 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5331
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44539
last-modified
Thu, 27 Oct 2022 03:15:18 GMT
server
cloudflare
etag
"6359f7c6-adfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXeCizd8CAr00isrmtb74R0g6NSL8fVcv4WU8s4UfoOV8gpI%2FsGVTLdzh6Ysmv3H9ncht3AFZubDnwyIdxbyogrnc2YqbGnGOAufZl1ZArTT%2BXivF6ERFpKr6rGggEuitw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
767d27eb587aaad5-SYD

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 07:43:14 GMT
content-encoding
br
last-modified
Thu, 10 Nov 2022 07:00:33 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=104, origin; dur=815
x-cf-geodata
NZ
content-length
9035
expires
Thu, 10 Nov 2022 08:43:14 GMT
adpushup.js
cdn.adpushup.com/42753/ 		867 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 07:43:13 GMT
content-encoding
br
last-modified
Thu, 03 Nov 2022 17:05:29 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
x-cf-geodata
NZ
content-length
194623
expires
Thu, 10 Nov 2022 08:43:13 GMT
c6f9e94bb1d3907d447208a4e6bcb6c9.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/c6f9e94bb1d3907d447208a4e6bcb6c9.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8d28d00e2e152c97bb5ff683aaf6365a.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8d28d00e2e152c97bb5ff683aaf6365a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7960e3769bdaa95034b2affc4d553300.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/7960e3769bdaa95034b2affc4d553300.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
fceb2b073dedb0cbce94fb88f0ad6b5b.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/fceb2b073dedb0cbce94fb88f0ad6b5b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
5db7b14d16a4d025485174c8eeb18a42.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5db7b14d16a4d025485174c8eeb18a42.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ae1ee980ebcecf16a40b5005e61b0d16.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ae1ee980ebcecf16a40b5005e61b0d16.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f3876b88f18219e3580ee348e4b5d718.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f3876b88f18219e3580ee348e4b5d718.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a686dd60106b1dbaa0238078c55ce8b1.jpg
static.bg3.co/imgs/202111/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/a686dd60106b1dbaa0238078c55ce8b1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
314c45a308aa264d772dd7e07de9d5a0.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/314c45a308aa264d772dd7e07de9d5a0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c6f9e94bb1d3907d447208a4e6bcb6c9.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/c6f9e94bb1d3907d447208a4e6bcb6c9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6f0e15131d4fc1432882f34b7bd29963.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6f0e15131d4fc1432882f34b7bd29963.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
54fa49b5b46c743eeaebd51d9dbca438.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/54fa49b5b46c743eeaebd51d9dbca438.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ce4dfca3600a918ab7575ebbdb59a1fe.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ce4dfca3600a918ab7575ebbdb59a1fe.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6ab76ee5a4f87f5666ffba690916300c.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6ab76ee5a4f87f5666ffba690916300c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b606ab6ebb015ebf0c250dc9f3750f16.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/b606ab6ebb015ebf0c250dc9f3750f16.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cfdca3f60864826bf6c42a5be015e8d9.jpg
static.bg3.co/imgs/202204/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/cfdca3f60864826bf6c42a5be015e8d9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
df789a160206d6f99dfd5891308791ab.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/df789a160206d6f99dfd5891308791ab.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8fdf26b239ae23a2fec33aa520351afb.jpg
static.bg3.co/imgs/202204/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202204/8fdf26b239ae23a2fec33aa520351afb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6ca72e69e0fcca5a2d432628e463aea4.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6ca72e69e0fcca5a2d432628e463aea4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
194fb0f5673d586aedba7dd4148318bd.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/194fb0f5673d586aedba7dd4148318bd.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ef1cfd84e085d1247fe07807fce37214.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ef1cfd84e085d1247fe07807fce37214.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ae584d6605ee31a7176fa84a6aad0dc9.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ae584d6605ee31a7176fa84a6aad0dc9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
fda78dd6d350cd0f3175f0b9f88accd05c1a821199d84b63d9680553d501bc1f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:52:52 GMT
age
60623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2997
x-xss-protection
0
server
sffe
etag
"b5d6bb1d52a8f322"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:52:52 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
3c1886ac9867da46d6c05ca1a0df4d0634b055826d142b12387e0b4fb483ae39
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:15:56 GMT
age
59239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23047
x-xss-protection
0
server
sffe
etag
"ba2717cd44fdea30"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:15:56 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		2 KB
894 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
89a3cd86231932c1f0588ac9327257c7e7102f9a4252fcaa4ad2269c486a53b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
9d10843b73211d37c1e21416b91114de626394eec8fdfd3ee51ad4de8de89107
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:52:53 GMT
age
60622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3863
x-xss-protection
0
server
sffe
etag
"409244e9f59114f0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:52:53 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5645
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqFGrq3T5jHo1HQ8wupvZQStfF2q7G8xakdajbW%2FpPWG4rbFVkKn%2BADfACF%2BAlIT1wzRNMotB1H1nhZg4crjzJckqN82P59SzDW0IscDJ558%2F9P9Atbfv4sSKEzrlMqEsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
767d27ed3b12aad5-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 07:43:14 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 07:43:14 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5160654149239947&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:14 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.6084560128003125&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:14 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
92ed147fc15d3c39f07e271e6f81abbc19e102bddfd92deea299d5b84bef38a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:02:19 GMT
age
60056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10265
x-xss-protection
0
server
sffe
etag
"23bc4ca8e6d97223"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:02:19 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKTzspsGEogBCiQ3NWVhNDkzOS00YzhhLTQzZmItOTIyMS1lZjAyNDQ5NWJiOTQQ6JCNkN3O+gIaBgiU17KbBiINMTE2LjkwLjc0LjE5NiiQmQMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDJhZTE3NDhmLWVlOTYtNDljZC1iNzY2LTBkNzUyMjhiYjU0NRib8QE=.58qR2BxdbGSD0PdZI+J1/re8aTn5ZLcOluBd7ARxIEs=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1668066196.dop024.la3.t,1668066196.cds263.la3.hn,1668066196.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D071 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
36bda3b04bf4ab6284353ade779bcd8b3eb4e245add4ca5df0ff31c25421ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40000
x-xss-protection
0
server
cafe
etag
10448708395955732672
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 07:43:15 GMT
gtag.json
cdn.ampproject.org/rtv/012210272257000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:58:26 GMT
age
60288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"0617c6e185be6e0c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:58:26 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-sp-metadata
HS256.CKTzspsGEogBCiRjZTdlMGNhYi0yOGZkLTRiZTMtYjU3MC0zNGQxMDEyZGVjM2YQ6JCNkN3O+gIaBgiU17KbBiINMTE2LjkwLjc0LjE5NiiQmQMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDdmZTMwZTQ0LTM3YWUtNDVhZS05NGQyLTk2NTU0YWM5ZDQ0Nhi46QE=.s19Gs/WxwbvRK7kw2DjzDwKJJHeb4q0noXAI9mopvLk=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1668066196.dop024.la3.t,1668066196.cds263.la3.hn,1668066196.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 8541 		714 B
795 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5271
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
767d27f40c6fa8c2-SYD
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 07:43:14 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzH6H%2FRgj09N7Gw4pAfis1WFuAqswtCB8ghpNoIgiK68oTMiCmu2SSX%2BLulkiHoUoPZ7WnD6cSQ8Sfk1JS9vJr8FfS61CVjyfs8H5%2Fa0greZBXzBFnXa2lyfYOiHRVxYPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 07:43:15 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame DEFF 		714 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5271
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
767d27f40c70a8c2-SYD
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 07:43:14 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xc1P7UNYjFelvbjHszqVJP5en9bjeN78gLXMaFWpdc1nxHHifZ%2BFMhbDlVAWSy2l%2F0DeuV0%2FdYW3%2F2VYJx1axPumdbdo%2ByqgX6h0wUoSiPXct2HJ4nsQd9wrFNyU5d%2FvgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 00F7 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
2585f557cb67aa56318cd83cb18a6e2acfcf13f45f5d1e63e8667e2487a9fcdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39972
x-xss-protection
0
server
cafe
etag
9293987750614486184
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 07:43:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8541 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
5851679578af61edf69e61b02377e26031374cb2fa3a5a56c04ee6148671ec5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27321
x-xss-protection
0
server
sffe
etag
"1389 / 152 of 1000 / last-modified: 1668035351"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 07:43:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DEFF 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
9ee8311c6df5503772b2b015688457defeae78a6ef45a76772218cb90cfa328c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27343
x-xss-protection
0
server
sffe
etag
"1389 / 756 of 1000 / last-modified: 1668035251"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 07:43:15 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 10 Nov 2022 07:43:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/ Frame 00F7 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070785
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
28773eab0ad434dac91e3b108b591af1babb2127e67dd671b63a39158322c102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119468
x-xss-protection
0
server
cafe
etag
6584584759241621144
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 07:43:15 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/ Frame D071 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
9d0e17cb55844e78f9d507afd6a371debc8f0cd4a103d39abf7d7ca411ac7730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119046
x-xss-protection
0
server
cafe
etag
13105612691194900328
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 07:43:15 GMT
pubads_impl_2022110701.js
securepubads.g.doubleclick.net/gpt/ Frame 8541 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070811
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
480c6d422ac35b202cb5c0ff3e440a24c46c4d598282004216321f24544ae625
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 12:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131675
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 09:35:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Nov 2023 12:01:47 GMT
pubads_impl_2022110301.js
securepubads.g.doubleclick.net/gpt/ Frame DEFF 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131019
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 08:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Nov 2023 11:06:50 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%85%84%E5%BC%9F%E6%B4%8B%E6%8A%95%E9%AD%94%E5%8A%9B%E4%B8%8B%E9%80%B1%E4%B8%80%E8%BB%8D%E5%85%88%E7%99%BC%E3%80%80%E5%B8%8C%E5%85%8B%E4%BE%86%E8%87%BA%E5%BE%8C%E8%A6%8110%E5%A4%A9%E8%AA%BF%E6%95%B4%E6%9C%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.7407415857285495&gjid=0.05146602364020714&_r=1&a=5774&z=0.2983468505158624&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
7b1748e516872d3ec44b5f5dd98131d5cf81f6e1821a7a6d0f886bc28720aa23
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:56:32 GMT
age
60404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57848
x-xss-protection
0
server
sffe
etag
"223b6842b827a21f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:56:32 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 00F7 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
d62f6c51db1ae7cb872a1818cb872a86f36a575ecd08a955120781e8f15f663f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 00F7 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 00F7 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C0C9 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195318&bpp=12&bdt=1894&idt=1035&shv=r20221108&mjsv=m202211030101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=2&ga_vid=119349499.1668066196&ga_sid=1668066196&ga_hid=1196881040&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1513&biw=1600&bih=1200&isw=336&ish=280&ifk=641927352&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44776361%2C31070785%2C44770881%2C44775017&oid=2&pvsid=522746669676293&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qlveoaqs175x&btvi=1&fsb=1&dtd=1054
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
e02a47384455078f7cf6531f23ed0be4ed97da8e56064de52fd8a2d366538bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9993
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:17 GMT
expires
Thu, 10 Nov 2022 07:43:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.json
adservice.google.com/adsid/ 		86 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-1131636251703099984.ampproject.net/2210272257000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-1131636251703099984.ampproject.net/2210272257000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie.js
partner.googleadservices.com/gampad/ Frame D071 		379 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
691c40e37d5de1bed72e94d3a1566e9dc4241a8d222651cda9b2ce6525c17217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame D071 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D071 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7FEB 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195418&bpp=11&bdt=2008&idt=1120&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=1&ga_vid=2015769107.1668066197&ga_sid=1668066197&ga_hid=472905987&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1771058701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070722%2C31070762%2C44775016&oid=2&pvsid=1547193011255633&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u8ngh8mg8ci8&fsb=1&dtd=1137
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
0084ca7a88aec0c511b9bcf65f9cc773673b91d6dc45ddc6b6310c6e778f224a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9917
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:17 GMT
expires
Thu, 10 Nov 2022 07:43:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 8541 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8541 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8541 		491 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2829461315137435&correlator=2615677785431935&eid=31070811%2C44761478&output=ldjh&gdfp_req=1&vrg=2022110701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-39&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668066196595&lmt=1644386353&dlt=1668066194648&idt=1927&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=jmg8j1n3oag&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=629010468.1668066197&ga_sid=1668066197&ga_hid=1600751138&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
4c4dbcceb84ddb46965d8b423c34822ccb638584ac692e021b383cf43d9a51e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b0b34d9644a03a76c35f13e857675187.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 2BFA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b0b34d9644a03a76c35f13e857675187.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:17 GMT
expires
Fri, 10 Nov 2023 07:43:17 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame DEFF 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DEFF 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame DEFF 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3873221376510284&correlator=2960613273590441&eid=44761477&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-39&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668066196767&lmt=1644386353&dlt=1668066194656&idt=2091&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=27srjfow0mcl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=835545017.1668066197&ga_sid=1668066197&ga_hid=768429398&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
d6e54daf3fc1d4874fc8ae407337f1f751818bc85cac0958d3513ff984496adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
42b468c16f0772d753874c29b744d369.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame FD62 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42b468c16f0772d753874c29b744d369.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:17 GMT
expires
Fri, 10 Nov 2023 07:43:17 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
94168
expires
Fri, 10 Nov 2023 07:43:18 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
317
expires
Fri, 10 Nov 2023 07:43:18 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
17440
expires
Thu, 10 Nov 2022 08:43:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
9ee8311c6df5503772b2b015688457defeae78a6ef45a76772218cb90cfa328c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27343
x-xss-protection
0
server
sffe
etag
"1389 / 77 of 1000 / last-modified: 1668035251"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 07:43:17 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:17 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjgwNjYxOTcwNzQsInBhY2tldElkIjoiMDAwMEE3MDEtMjg2OTJiMWEtZDgzYy00MWYzLWJkYzUtNzJhMTU1YjA5MmE2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpb25nLWRpLXlhbmctdG91LW1vLWxpLXhpYS16aG91LXlpLWp1bi14aWFuLWZhLXhpLWtlLWxhaS10YWktaG91LXlhby0xMHRpYW4tZGlhby16aGVuZy1xaS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=6489.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:17 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjgwNjYxOTcwNzUsInBhY2tldElkIjoiMDAwMEE3MDEtMjg2OTJiMWEtZDgzYy00MWYzLWJkYzUtNzJhMTU1YjA5MmE2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpb25nLWRpLXlhbmctdG91LW1vLWxpLXhpYS16aG91LXlpLWp1bi14aWFuLWZhLXhpLWtlLWxhaS10YWktaG91LXlhby0xMHRpYW4tZGlhby16aGVuZy1xaS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=6490.199999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:17 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgwNjYxOTcwNzUsInBhY2tldElkIjoiMDAwMEE3MDEtMjg2OTJiMWEtZDgzYy00MWYzLWJkYzUtNzJhMTU1YjA5MmE2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpb25nLWRpLXlhbmctdG91LW1vLWxpLXhpYS16aG91LXlpLWp1bi14aWFuLWZhLXhpLWtlLWxhaS10YWktaG91LXlhby0xMHRpYW4tZGlhby16aGVuZy1xaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=6490.699999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:17 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
14169
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Thu, 10 Nov 2022 11:43:18 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgwNjYxOTcwODEsInBhY2tldElkIjoiMDAwMEE3MDEtMjg2OTJiMWEtZDgzYy00MWYzLWJkYzUtNzJhMTU1YjA5MmE2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpb25nLWRpLXlhbmctdG91LW1vLWxpLXhpYS16aG91LXlpLWp1bi14aWFuLWZhLXhpLWtlLWxhaS10YWktaG91LXlhby0xMHRpYW4tZGlhby16aGVuZy1xaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=6496
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:17 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgwNjYxOTcwODQsInBhY2tldElkIjoiMDAwMEE3MDEtMjg2OTJiMWEtZDgzYy00MWYzLWJkYzUtNzJhMTU1YjA5MmE2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpb25nLWRpLXlhbmctdG91LW1vLWxpLXhpYS16aG91LXlpLWp1bi14aWFuLWZhLXhpLWtlLWxhaS10YWktaG91LXlhby0xMHRpYW4tZGlhby16aGVuZy1xaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=6499.099999427795
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:18 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1668066197089
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 07:43:18 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Thu, 10 Nov 2022 08:43:18 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 52DA 		603 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1882676441639603292&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3279&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=26139005774&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&ga_hid=5774&dt=1668066196607&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&bdt=4534&dtd=521&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:17 GMT
expires
Thu, 10 Nov 2022 07:43:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame C0C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXyEhlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEnQJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4Or5zfNqzC7BsGPLyH_q4_thwOiaOu9TVw_N_xkcou5PFEDIerYPeABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=ZOssleJHh7Q&uach_m=[UACH]&cid=CAQSGwDq26N9lVZpMpVWc41YXJ_9025o4eUKt3eNbRgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195318&bpp=12&bdt=1894&idt=1035&shv=r20221108&mjsv=m202211030101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=2&ga_vid=119349499.1668066196&ga_sid=1668066196&ga_hid=1196881040&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1513&biw=1600&bih=1200&isw=336&ish=280&ifk=641927352&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44776361%2C31070785%2C44770881%2C44775017&oid=2&pvsid=522746669676293&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qlveoaqs175x&btvi=1&fsb=1&dtd=1054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195318&bpp=12&bdt=1894&idt=1035&shv=r20221108&mjsv=m202211030101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=2&ga_vid=119349499.1668066196&ga_sid=1668066196&ga_hid=1196881040&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1513&biw=1600&bih=1200&isw=336&ish=280&ifk=641927352&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44776361%2C31070785%2C44770881%2C44775017&oid=2&pvsid=522746669676293&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qlveoaqs175x&btvi=1&fsb=1&dtd=1054
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 10 Nov 2022 07:43:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 10 Nov 2022 07:43:17 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame C0C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k8jmDZ_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQlKtsYxuUpjA1xTUiLta_ABIAAA&wp=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195318&bpp=12&bdt=1894&idt=1035&shv=r20221108&mjsv=m202211030101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=2&ga_vid=119349499.1668066196&ga_sid=1668066196&ga_hid=1196881040&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1513&biw=1600&bih=1200&isw=336&ish=280&ifk=641927352&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44776361%2C31070785%2C44770881%2C44775017&oid=2&pvsid=522746669676293&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qlveoaqs175x&btvi=1&fsb=1&dtd=1054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
184224
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame BC00 		196 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195318&bpp=12&bdt=1894&idt=1035&shv=r20221108&mjsv=m202211030101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=2&ga_vid=119349499.1668066196&ga_sid=1668066196&ga_hid=1196881040&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1513&biw=1600&bih=1200&isw=336&ish=280&ifk=641927352&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44776361%2C31070785%2C44770881%2C44775017&oid=2&pvsid=522746669676293&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qlveoaqs175x&btvi=1&fsb=1&dtd=1054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
187ec0bfc9e6695a241fabe8aa7509d189b1e33692f2d3b06d9ff6c1a2997a6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:17 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=I8RQA8IsEAEBWuZuoLAQZxUO2e04LMPbqmJSNvsqa58aUEIDlWFzj-vRtm3uJzG90-OQo5BnssQTwj3uenP9cFp48jEHC_YdflrpjtuxNsiRxrUI76365mAoF4e8s12EI0woTD7l6wcXyOWDPChW3wZTr5XVp65sY90DtWMwEnHtPooZ6g_mEcbXTtbw6u-I0yPx-ruJsJFZ8STFdJiOaW9MU0-IG4WkbMJthBQDybUIcFOHSUBEzoNkvUbdX_GPDFlqaOBF24adLgtK"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
97972994
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame C0C9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195318&bpp=12&bdt=1894&idt=1035&shv=r20221108&mjsv=m202211030101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=2&ga_vid=119349499.1668066196&ga_sid=1668066196&ga_hid=1196881040&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1513&biw=1600&bih=1200&isw=336&ish=280&ifk=641927352&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44776361%2C31070785%2C44770881%2C44775017&oid=2&pvsid=522746669676293&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qlveoaqs175x&btvi=1&fsb=1&dtd=1054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 06:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
5139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 06:17:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame C0C9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195318&bpp=12&bdt=1894&idt=1035&shv=r20221108&mjsv=m202211030101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=2&ga_vid=119349499.1668066196&ga_sid=1668066196&ga_hid=1196881040&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1513&biw=1600&bih=1200&isw=336&ish=280&ifk=641927352&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44776361%2C31070785%2C44770881%2C44775017&oid=2&pvsid=522746669676293&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qlveoaqs175x&btvi=1&fsb=1&dtd=1054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:05:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
27462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:05:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C0C9 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195318&bpp=12&bdt=1894&idt=1035&shv=r20221108&mjsv=m202211030101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=2&ga_vid=119349499.1668066196&ga_sid=1668066196&ga_hid=1196881040&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1513&biw=1600&bih=1200&isw=336&ish=280&ifk=641927352&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44776361%2C31070785%2C44770881%2C44775017&oid=2&pvsid=522746669676293&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qlveoaqs175x&btvi=1&fsb=1&dtd=1054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 07:43:19 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8541 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
9969c5f8f3057588fba1c56e3cbaafbcd6cc3326eb01a34b4ff955232abaf0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12351
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7FEB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ct5CylKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEgwJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdtIHe8r3xOi4JDSos15SQaprCTM06hb1rk0P9tps2uPqDmz6NIp5gAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=5KV2w7jF5_M&uach_m=[UACH]&cid=CAQSGwDq26N9gPO7UvkapdLwitDRIR4slRJTwW_3ORgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195418&bpp=11&bdt=2008&idt=1120&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=1&ga_vid=2015769107.1668066197&ga_sid=1668066197&ga_hid=472905987&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1771058701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070722%2C31070762%2C44775016&oid=2&pvsid=1547193011255633&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u8ngh8mg8ci8&fsb=1&dtd=1137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195418&bpp=11&bdt=2008&idt=1120&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=1&ga_vid=2015769107.1668066197&ga_sid=1668066197&ga_hid=472905987&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1771058701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070722%2C31070762%2C44775016&oid=2&pvsid=1547193011255633&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u8ngh8mg8ci8&fsb=1&dtd=1137
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 10 Nov 2022 07:43:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 10 Nov 2022 07:43:17 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 7FEB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k8jmDZ_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQlatsY2tXVNr4-vGqb6OCABIAAA&wp=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195418&bpp=11&bdt=2008&idt=1120&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=1&ga_vid=2015769107.1668066197&ga_sid=1668066197&ga_hid=472905987&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1771058701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070722%2C31070762%2C44775016&oid=2&pvsid=1547193011255633&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u8ngh8mg8ci8&fsb=1&dtd=1137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
144853
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 6707 		161 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195418&bpp=11&bdt=2008&idt=1120&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=1&ga_vid=2015769107.1668066197&ga_sid=1668066197&ga_hid=472905987&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1771058701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070722%2C31070762%2C44775016&oid=2&pvsid=1547193011255633&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u8ngh8mg8ci8&fsb=1&dtd=1137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b04e246b3400d83014103bb90d550aa4aaaac9b2b9149a7776aad481b4a0bc0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:17 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=HGzcJMIsEAEBWuZuxF3YZo77f2udaiQoX6swYx725CcOOwdf6hn1-Pk6yU85Eeb6l25vXLZOJxcvBbHWzJt5KekQkEpfOp0Timp9pPR8PwyTWO8zupzAbajza7r2hLXQ2rIOVMhEac-KH1fUJeAeGQOEdSLGBm0fG6Iv3nzIJVlADrpw5Cvk088r_eTj9MjD944ARL3O151uFisQHtzU1VGZQotoojtQFu6hD94jbhfrL4VEt3b4Edh5OyYjnlHL-MKQeQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
100066241
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 7FEB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195418&bpp=11&bdt=2008&idt=1120&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=1&ga_vid=2015769107.1668066197&ga_sid=1668066197&ga_hid=472905987&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1771058701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070722%2C31070762%2C44775016&oid=2&pvsid=1547193011255633&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u8ngh8mg8ci8&fsb=1&dtd=1137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 06:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
5139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 06:17:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 7FEB 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195418&bpp=11&bdt=2008&idt=1120&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=1&ga_vid=2015769107.1668066197&ga_sid=1668066197&ga_hid=472905987&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1771058701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070722%2C31070762%2C44775016&oid=2&pvsid=1547193011255633&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u8ngh8mg8ci8&fsb=1&dtd=1137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:05:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
27462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:05:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FEB 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195418&bpp=11&bdt=2008&idt=1120&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=1&ga_vid=2015769107.1668066197&ga_sid=1668066197&ga_hid=472905987&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1771058701&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070722%2C31070762%2C44775016&oid=2&pvsid=1547193011255633&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u8ngh8mg8ci8&fsb=1&dtd=1137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 07:43:19 GMT
pubads_impl_2022110301.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 11:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131019
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 08:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Nov 2023 11:06:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Thu, 10 Nov 2022 07:43:18 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DEFF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
d4023fca92120582334895b2da126f64e5412bbc8c7a8a224c2b101cd162003c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12492
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8541 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 07:43:18 GMT
truncated
/ Frame 7FEB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bd037f9f631f586d93e29d66841729b13582d28fe3617bb3187ca5ea9d60023

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C0C9 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09043f5795da6b165c6bfccb8012a3a56cf57e557dcf29216c1e796d4c0b9c41

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DEFF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 07:43:18 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame BC00 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:18 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame BC00 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:18 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame BC00 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 05 Nov 2023 07:43:18 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame BC00 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 05 Nov 2023 07:43:18 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame BC00 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=Y0aJ1NcoigJOBeypeqOkoG4CeIydqH4YxGhE8hfd54XoANExZabagJHD3UfmYMly73IZJ9sdJZI7yDSCZxFuKRWZ_SPri31h0qLhIQOZtJM_H0ulQs2r2HqXjx3yoevWET3k_6osf5vsqYOlY6xpBGEMYIKBXOiohbRBaa2DX-akrtzbotDhNPv_oTHnlpLEG6Qz9yNlE8hB7gDTWxrr4CkRQn1t5G94ISPw2k_Dp63xdjTP9LNzFXumf3xg5zwD-drJ8KSx-8wdtcs6b9hFP87WthtGYQPr1Xp00xcpolfLNjL8ruojdbDUh_7DT8aH1L3m_GsfIqGdznDX--mxaITgmPQnu-TFibmYwCSVM36o1MLXK6un_pbu5Z2witBdi4tzpDedf69KJdbx4iuyZeBlBNPKTCWqNne112YFGHBQORIC
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5616030
expires
Mon, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A029 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
27482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 00:05:16 GMT
expires
Fri, 10 Nov 2023 00:05:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ADAB 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
GSE /
Resource Hash
1b8c517b05f13da306384f451026638c1adab7e7b54c65cd797e899faf0591c2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OgbEevWe2CRqzStsqgjiEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-OgbEevWe2CRqzStsqgjiEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:19 GMT
expires
Thu, 10 Nov 2022 07:43:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
animejs.js
static.criteo.net/animejs/ Frame BC00 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:18 GMT
img
pix.as.criteo.net/img/ Frame BC00 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=71731&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F71731%2F221003%2F3d52170ee26f4fbc97ac099429c758e9_logo_n_horizontal.png&v=3&w=668&s=-CvngIn91ILI5XJ83ubSyRCq
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
bb9338391e8fd82b612d7b68d8b3957b335090b5d94ef80df781105f1a706e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27810302
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23369
expires
Thu, 28 Sep 2023 04:48:21 GMT
img
pix.as.criteo.net/img/ Frame BC00 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=1200&m=0&partner=71731&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F71731%2F221107%2Fd6d2c730df9d47c9a51d56e167c690d8_criteo_1080x1080_%2827ce2c70-3572-4ff8-8c40-a29277ea0c5e%29.jpg&v=3&w=1200&s=OQZaYZBHGgpVofubm19iG1G0
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
d06330e9a6badbe4a68a04f6a8d0828f49220ece27c8a79f387d7f30bbf93e87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30863806
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
66466
expires
Thu, 02 Nov 2023 13:00:06 GMT
img
pix.as.criteo.net/img/ Frame BC00 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwd97ad610%2Fimages%2F117732-Master%2F117732-BLKAL-front.jpg&v=3&w=400&s=TE4fTIasOeFvgXoCKLxJc50t&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
77aa0b967ed24d9c9b7ce4e0e872caaaba3f64e44f3f5a4820398f387a04f151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1541463
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9380
expires
Mon, 28 Nov 2022 03:54:22 GMT
img
pix.as.criteo.net/img/ Frame BC00 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwe0fba729%2Fimages%2F118872-Master%2F118872-NAMON-front.jpg&v=3&w=400&s=pajYUYnHG9xMnSKmImITkvZ6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
84e6a4b318b3ce55f371111a84a635016e62f5ab2d8e338197e004033a030387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2573445
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5528
expires
Sat, 10 Dec 2022 02:34:04 GMT
img
pix.as.criteo.net/img/ Frame BC00 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw87fa5c2e%2Fimages%2F120324-Master%2F120324-BLK00-front.jpg&v=3&w=400&s=dc9rzt_hlNfFjG-Cfg5RGSH3&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
173fc712efd8c6e8ec03828d39855f3a309549503f9977dd5d104b044e05e462
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2238678
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7100
expires
Tue, 06 Dec 2022 05:34:37 GMT
img
pix.as.criteo.net/img/ Frame BC00 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw4130056c%2Fimages%2F118477-Master%2F118477-BLK00-front.jpg&v=3&w=400&s=pBX5iubrpUbVkin-1vtBHlVl&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
65de9f2d2f7527720eea2f9c305ce97c87ee701551fa0041263f81a64fc2bee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2573445
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5044
expires
Sat, 10 Dec 2022 02:34:04 GMT
img
pix.as.criteo.net/img/ Frame BC00 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwe301a91b%2Fimages%2F120026-Master%2F120026-BLPRN-front.jpg&v=3&w=400&s=rftZUybGRGIVmLJMSOSvcekS&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
961b271fa410e0827ce332295d5703b4abf32163af968d8cdd0bb00120f3e1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1181134
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6272
expires
Wed, 23 Nov 2022 23:48:53 GMT
img
pix.as.criteo.net/img/ Frame BC00 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwb87bbfe3%2Fimages%2F119842-Master%2F119842-NAVOO-front.jpg&v=3&w=400&s=bDwo-jNEKsFQQQ4gCdYgI1D4&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
45d83d0ce6f8f97c496d1ff4c754c0895288f41b606bbbcef28a5e26e16f7918
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=326089
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9614
expires
Mon, 14 Nov 2022 02:18:09 GMT
img
pix.as.criteo.net/img/ Frame BC00 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw597e75d4%2Fimages%2F120051-Master%2F120051-BMIST-front.jpg&v=3&w=400&s=e6nVNjbxRLdNluF20EXJ9OGI&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
caed76943fefb41aabb648e584b7e14e081e313b50589f0e0059094333840278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1276846
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6298
expires
Fri, 25 Nov 2022 02:24:06 GMT
img
pix.as.criteo.net/img/ Frame BC00 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw3d59abe2%2Fimages%2F120145-Master%2F120145-NVY00-front.jpg&v=3&w=400&s=GrIDBkRzoQBowcSxAZ1Lg_GQ&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
1acb35e895471dfebcab67f051876a612e3225e657d0dd6c425745de07cf68e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1141812
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6182
expires
Wed, 23 Nov 2022 12:53:32 GMT
img
pix.as.criteo.net/img/ Frame BC00 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwc1a8a0fe%2Fimages%2F118852-Master%2F118852-NON00-front.jpg&v=3&w=400&s=azdvf0Kz-lj2JE0mbNJ6wA-q&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
41b44b5dacef2e8a0d3204c2870c2b59cb8313290278a8aba7a609ff0cb93692
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=393459
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6538
expires
Mon, 14 Nov 2022 21:00:59 GMT
all
csm.as.criteo.net/ Frame BC00 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=I8RQA8IsEAEBWuZuoLAQZxUO2e04LMPbqmJSNvsqa58aUEIDlWFzj-vRtm3uJzG90-OQo5BnssQTwj3uenP9cFp48jEHC_YdflrpjtuxNsiRxrUI76365mAoF4e8s12EI0woTD7l6wcXyOWDPChW3wZTr5XVp65sY90DtWMwEnHtPooZ6g_mEcbXTtbw6u-I0yPx-ruJsJFZ8STFdJiOaW9MU0-IG4WkbMJthBQDybUIcFOHSUBEzoNkvUbdX_GPDFlqaOBF24adLgtK&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BC00 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:18 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame BC00 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:19 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6707 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:18 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6707 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:18 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6707 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 05 Nov 2023 07:43:18 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6707 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 05 Nov 2023 07:43:18 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 6707 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=jklpVdcoigJOBeypeqOkoG4CeIycFtuy__gtJdSlQZnysAI-Lxms0dVOEkQwwKQm8VSZZb0iDn9D32k_YZCOioOeioI_2IhIk3B1JSSj3QiuXRmnB_TKn5RiiOH2F3U5x92ym4S78hi3NOmXW7AKTurRRtp_HzHpNWGh8irv_vXR2b_MKL7XznVCKY8a-9K8O39CdXt7-AGxKGdE9ldMfCcm-ansUJzbusUVD7jn90Cg92YS_CsBF-L9i8_EbTidMMvNErD_FYjrwtj28IF1_k9-gZF_HB6v82yNDipJtiRHzPL_va9CxN5TDk0hilNpqz2zZe_A4UQMliTLUiXYSPUMDntPeE2CqyuKdqWduYlpYio1sAAwogmoDOs0ifyTmBQpDhftVsHpuRCWsfBSovB51ErJtksE-STKmuWAGRNdTKga
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2770616
expires
Mon, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A3B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
27482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 00:05:16 GMT
expires
Fri, 10 Nov 2023 00:05:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8ADD 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
GSE /
Resource Hash
fb26f04ab22a4926f1252a6438dec3be93862ff3bfcc28a3e9da88c4665c5355
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hVxHRhkrq-Vp5P5TLoGjVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-hVxHRhkrq-Vp5P5TLoGjVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:19 GMT
expires
Thu, 10 Nov 2022 07:43:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
animejs.js
static.criteo.net/animejs/ Frame 6707 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:18 GMT
img
pix.as.criteo.net/img/ Frame 6707 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=71731&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F71731%2F221003%2F3d52170ee26f4fbc97ac099429c758e9_logo_n_horizontal.png&v=3&w=668&s=-CvngIn91ILI5XJ83ubSyRCq
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
bb9338391e8fd82b612d7b68d8b3957b335090b5d94ef80df781105f1a706e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27810302
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23369
expires
Thu, 28 Sep 2023 04:48:21 GMT
img
pix.as.criteo.net/img/ Frame 6707 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=1200&m=0&partner=71731&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F71731%2F221107%2Fd6d2c730df9d47c9a51d56e167c690d8_criteo_1080x1080_%2827ce2c70-3572-4ff8-8c40-a29277ea0c5e%29.jpg&v=3&w=1200&s=OQZaYZBHGgpVofubm19iG1G0
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
d06330e9a6badbe4a68a04f6a8d0828f49220ece27c8a79f387d7f30bbf93e87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30863806
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
66466
expires
Thu, 02 Nov 2023 13:00:06 GMT
img
pix.as.criteo.net/img/ Frame 6707 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw4130056c%2Fimages%2F118477-Master%2F118477-BLK00-front.jpg&v=3&w=400&s=pBX5iubrpUbVkin-1vtBHlVl&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
65de9f2d2f7527720eea2f9c305ce97c87ee701551fa0041263f81a64fc2bee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2573444
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5044
expires
Sat, 10 Dec 2022 02:34:04 GMT
img
pix.as.criteo.net/img/ Frame 6707 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwe0fba729%2Fimages%2F118872-Master%2F118872-NAMON-front.jpg&v=3&w=400&s=pajYUYnHG9xMnSKmImITkvZ6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
84e6a4b318b3ce55f371111a84a635016e62f5ab2d8e338197e004033a030387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2573444
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5528
expires
Sat, 10 Dec 2022 02:34:04 GMT
img
pix.as.criteo.net/img/ Frame 6707 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw87fa5c2e%2Fimages%2F120324-Master%2F120324-BLK00-front.jpg&v=3&w=400&s=dc9rzt_hlNfFjG-Cfg5RGSH3&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
173fc712efd8c6e8ec03828d39855f3a309549503f9977dd5d104b044e05e462
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2238677
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7100
expires
Tue, 06 Dec 2022 05:34:37 GMT
img
pix.as.criteo.net/img/ Frame 6707 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw597e75d4%2Fimages%2F120051-Master%2F120051-BMIST-front.jpg&v=3&w=400&s=e6nVNjbxRLdNluF20EXJ9OGI&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
caed76943fefb41aabb648e584b7e14e081e313b50589f0e0059094333840278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1276846
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6298
expires
Fri, 25 Nov 2022 02:24:06 GMT
img
pix.as.criteo.net/img/ Frame 6707 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwb87bbfe3%2Fimages%2F119842-Master%2F119842-NAVOO-front.jpg&v=3&w=400&s=bDwo-jNEKsFQQQ4gCdYgI1D4&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
45d83d0ce6f8f97c496d1ff4c754c0895288f41b606bbbcef28a5e26e16f7918
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=326089
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9614
expires
Mon, 14 Nov 2022 02:18:09 GMT
img
pix.as.criteo.net/img/ Frame 6707 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwd97ad610%2Fimages%2F117732-Master%2F117732-BLKAL-front.jpg&v=3&w=400&s=TE4fTIasOeFvgXoCKLxJc50t&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
77aa0b967ed24d9c9b7ce4e0e872caaaba3f64e44f3f5a4820398f387a04f151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1541463
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9380
expires
Mon, 28 Nov 2022 03:54:22 GMT
img
pix.as.criteo.net/img/ Frame 6707 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwe301a91b%2Fimages%2F120026-Master%2F120026-BLPRN-front.jpg&v=3&w=400&s=rftZUybGRGIVmLJMSOSvcekS&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
961b271fa410e0827ce332295d5703b4abf32163af968d8cdd0bb00120f3e1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1181134
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6272
expires
Wed, 23 Nov 2022 23:48:53 GMT
img
pix.as.criteo.net/img/ Frame 6707 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwc1a8a0fe%2Fimages%2F118852-Master%2F118852-NON00-front.jpg&v=3&w=400&s=azdvf0Kz-lj2JE0mbNJ6wA-q&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
41b44b5dacef2e8a0d3204c2870c2b59cb8313290278a8aba7a609ff0cb93692
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=393459
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6538
expires
Mon, 14 Nov 2022 21:00:59 GMT
img
pix.as.criteo.net/img/ Frame 6707 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw3d59abe2%2Fimages%2F120145-Master%2F120145-NVY00-front.jpg&v=3&w=400&s=GrIDBkRzoQBowcSxAZ1Lg_GQ&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
1acb35e895471dfebcab67f051876a612e3225e657d0dd6c425745de07cf68e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1141812
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6182
expires
Wed, 23 Nov 2022 12:53:32 GMT
all
csm.as.criteo.net/ Frame 6707 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=HGzcJMIsEAEBWuZuxF3YZo77f2udaiQoX6swYx725CcOOwdf6hn1-Pk6yU85Eeb6l25vXLZOJxcvBbHWzJt5KekQkEpfOp0Timp9pPR8PwyTWO8zupzAbajza7r2hLXQ2rIOVMhEac-KH1fUJeAeGQOEdSLGBm0fG6Iv3nzIJVlADrpw5Cvk088r_eTj9MjD944ARL3O151uFisQHtzU1VGZQotoojtQFu6hD94jbhfrL4VEt3b4Edh5OyYjnlHL-MKQeQ&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6707 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:18 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6707 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:19 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame A029 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:47:51 GMT
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0d05d748e2bed6c06d43389b5ce1e231a15bbad2d5b0569106cf95249bc1ae92

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
content-encoding
gzip
etag
"Y8QtaFbAe6Y/4gwtHHbZIQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 17 Nov 2022 07:43:19 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221110
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eceb3b77fb85545a7deaf9b0b5a862291c6ec78d2256c5bdcd35419608d2e26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16893
x-jsd-version
1.0.1519
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"667-uUj5gf5dt/YxoDEfGr8LlrRaszc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG%2F5jVY7Jt8DoTmDWNX0E0KZ4CY6EyJu%2Fq6yHf%2Fu2UgPzwG832cO%2F5l%2FXK67YJ%2BPuX%2FB7WPTg%2Bnd31ygowsbnnI7EWZpHZjRgTTXb%2F4vvOFhRXXeN%2B%2Fs%2BDq3D7HK1E8e3B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
767d28111f13a8a6-SYD
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
104e5c90694e73639e904311efdf6a48757c67365d084e3a359180dbac5f8a25

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 10 Nov 2022 07:43:19 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.214.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-214-217.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
20
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 10 Nov 2022 07:43:19 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.194.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-194-193.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
accept-ch
sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
adpushup-d.openx.net/w/1.0/ 		34 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=82d2d53f-a899-49af-b9aa-9ce707122a15%2C94d558b3-3a26-450c-aad7-75e77a791240%2C2f08dbdb-203b-4062-9aa5-adbb0d6a776b&nocache=1668066198885&pubcid=c600ef49-7b24-4bb5-aafd-842999bcf420&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
35535ca4a830b0ffbc62b8ba9cb1d691bcfd07975c32c9c4461ea595418ebc8e

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4765
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=34451f31-c839-445e-a855-be5de78444e9&nocache=1668066198886&pubcid=c600ef49-7b24-4bb5-aafd-842999bcf420&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2fe47a61-b958-470a-97c2-c0cf9892cdee&nocache=1668066198886&pubcid=c600ef49-7b24-4bb5-aafd-842999bcf420&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b7fc6688-3999-4870-9f8f-850eadc7eaa7&nocache=1668066198886&pubcid=c600ef49-7b24-4bb5-aafd-842999bcf420&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22388b4b44e6bfb06%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22453de71a24c7a8b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2248927018dfb3cf9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22497e0c920d61c65%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c600ef49-7b24-4bb5-aafd-842999bcf420%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
258c9d2b5e052bce2c58ae0a9fc6c604f8ffbbc309394cff6c1c5e80e8f08433

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcsGRo17VUh43DVHSCD75laJrkWX5Af0RP%2Bm8Q3rXlJzv9BL4i0jf68elpjOLdG%2F8hp8L7jkWE0EZfUaaLLw9zvcb%2F95hwKwM91%2FpnfB0TvXVA67576oV0%2Bgi9qvATZUkdde2qQn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
767d2810f919ee9a-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22388b4b44e6bfb06%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2248927018dfb3cf9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22497e0c920d61c65%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c600ef49-7b24-4bb5-aafd-842999bcf420%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
258c9d2b5e052bce2c58ae0a9fc6c604f8ffbbc309394cff6c1c5e80e8f08433

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htM4Z9lnbS4zHdJIeCbZnqCoSfakr9jdwbhMZDIh%2BUH73cs1fShOC4VWcJojEZ2tpAQlrnr0GBy2dLwFu2qEIS64b3C12gCl6%2Fl1kRS3rV5rx3Ri%2F0qWn29%2FZZ%2FH5fWWF8EL%2BP%2B0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
767d2810f91cee9a-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=28118253218
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.214.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-214-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c1f38a49aecd4f9150de122e53752ff02a0dcbd3ad77622910d92d2bb7241059

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.214.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-214-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
242e2531a78d8e56d5d28128d0f42cd57380fec64882b16be3731a2034be6fdf

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.214.6 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-214-6.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
fdc1455627a624444798f838f59a0cb142eb804f4511b2882846e6b0e4fcdcca

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=c600ef49-7b24-4bb5-aafd-842999bcf420%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=49367c01-f5b4-4288-9449-0b9be3cd2a06%3B04c8928a-bb38-4a1c-a402-dcda9ea95399%3B7071b275-8a2c-4d92-a207-d750df032899&l_pb_bid_id=55c3f7caa7ef0c2%3B565226ede944d96%3B57945f740b1c377&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.2852683252694599
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ede8dbe92c7c94948ae1e4ff6ac198f8c47f1b8737f60fbed5ecf436cd844f06

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
926 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
625f1b97cdbb4f4096fcb3139807be23665c33e061525bbb130184db12ed5861

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
289
alt-svc
clear
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a82c1864ebd3cfc86e785a29c20c4789b97741489708855879c536e4b0eb4ec0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:19 GMT
AN-X-Request-Uuid
cef76c3f-92b3-4e45-aa95-a329e58cac30
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
379
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.137.72 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-137-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:19 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 10 Nov 2022 07:43:19 GMT
adreq
ads.servenobid.com/ 		717 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6491
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 07:43:20 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 2A3B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:47:51 GMT
generate_204
tpc.googlesyndication.com/ Frame A029 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CVHcBA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 8ADD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110301&jk=3873221376510284&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame ADAB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110701&jk=2829461315137435&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2A3B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?daaI_w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-61.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:23:52 GMT
via
1.1 d349739893df3b59b8ea4953ff21a5e8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
1169
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
jb_u4_Lfcpqk1ZpKN7Q6qpKww9-HCfxfzMaabtPKsUSabLWSYpOYwA==
all
csm.as.criteo.net/ Frame 6707 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=HGzcJMIsEAEBWuZuxF3YZo77f2udaiQoX6swYx725CcOOwdf6hn1-Pk6yU85Eeb6l25vXLZOJxcvBbHWzJt5KekQkEpfOp0Timp9pPR8PwyTWO8zupzAbajza7r2hLXQ2rIOVMhEac-KH1fUJeAeGQOEdSLGBm0fG6Iv3nzIJVlADrpw5Cvk088r_eTj9MjD944ARL3O151uFisQHtzU1VGZQotoojtQFu6hD94jbhfrL4VEt3b4Edh5OyYjnlHL-MKQeQ&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
img
pix.as.criteo.net/img/ Frame BC00 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=71731&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F71731%2F221003%2F3d52170ee26f4fbc97ac099429c758e9_logo_n_horizontal.png&v=3&w=668&s=-CvngIn91ILI5XJ83ubSyRCq
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
bb9338391e8fd82b612d7b68d8b3957b335090b5d94ef80df781105f1a706e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27810301
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23369
expires
Thu, 28 Sep 2023 04:48:21 GMT
img
pix.as.criteo.net/img/ Frame BC00 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwe0fba729%2Fimages%2F118872-Master%2F118872-NAMON-front.jpg&v=3&w=400&s=pajYUYnHG9xMnSKmImITkvZ6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
84e6a4b318b3ce55f371111a84a635016e62f5ab2d8e338197e004033a030387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2573444
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5528
expires
Sat, 10 Dec 2022 02:34:04 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiIyMTY1NjhfMTY2ODA2NjE5OTkzMCIsInVzZXJJZCI6IjgwMTc5N18xNjY4MDY2MTk5OTMwIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiODYxMTgwXzE2NjgwNjYxOTk5MzAiLCJwYWdlUGF0aCI6IiUyRmElMkZ4aW9uZy1kaS15YW5nLXRvdS1tby1saS14aWEtemhvdS15aS1qdW4teGlhbi1mYS14aS1rZS1sYWktdGFpLWhvdS15YW8tMTB0aWFuLWRpYW8temhlbmctcWkuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZ4aW9uZy1kaS15YW5nLXRvdS1tby1saS14aWEtemhvdS15aS1qdW4teGlhbi1mYS14aS1rZS1sYWktdGFpLWhvdS15YW8tMTB0aWFuLWRpYW8temhlbmctcWkuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJkZXNjcmlwdGlvblBhZ2UiLCJleHBlcmltZW50UGFnZSI6dHJ1ZSwidGltZXN0YW1wIjoxNjY4MDY2MTk5OTMwfQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:20 GMT
server
nginx/1.14.0 (Ubuntu)
L2EveGlvbmctZGkteWFuZy10b3UtbW8tbGkteGlhLXpob3UteWktanVuLXhpYW4tZmEteGkta2UtbGFpLXRhaS1ob3UteWFvLTEwdGlhbi1kaWFvLXpoZW5nLXFpLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveGlvbmctZGkteWFuZy10b3UtbW8tbGkteGlhLXpob3UteWktanVuLXhpYW4tZmEteGkta2UtbGFpLXRhaS1ob3UteWFvLTEwdGlhbi1kaWFvLXpoZW5nLXFpLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 07:43:20 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=98, origin; dur=227
content-length
555
expires
Thu, 10 Nov 2022 08:43:20 GMT
img
pix.as.criteo.net/img/ Frame BC00 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw4130056c%2Fimages%2F118477-Master%2F118477-BLK00-front.jpg&v=3&w=400&s=pBX5iubrpUbVkin-1vtBHlVl&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
65de9f2d2f7527720eea2f9c305ce97c87ee701551fa0041263f81a64fc2bee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2573444
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5044
expires
Sat, 10 Dec 2022 02:34:04 GMT
pixel;r=2118694721;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html;uh=e51ed67dfb8d91dc24b15...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2118694721;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-88790483-1668066199613;pbc=c600ef49-7b24-4bb5-aafd-842999bcf420;ns=0;ce=1;qjs=1;qv=ff7a2451-20221108120308;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1668066200333;tzo=0;ogl=;ses=26212793-3d3d-44c4-b3ad-4c46b0d37185
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
img
pix.as.criteo.net/img/ Frame 6707 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=71731&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F71731%2F221003%2F3d52170ee26f4fbc97ac099429c758e9_logo_n_horizontal.png&v=3&w=668&s=-CvngIn91ILI5XJ83ubSyRCq
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
bb9338391e8fd82b612d7b68d8b3957b335090b5d94ef80df781105f1a706e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27810301
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23369
expires
Thu, 28 Sep 2023 04:48:21 GMT
img
pix.as.criteo.net/img/ Frame BC00 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=1200&m=0&partner=71731&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F71731%2F221107%2Fd6d2c730df9d47c9a51d56e167c690d8_criteo_1080x1080_%2827ce2c70-3572-4ff8-8c40-a29277ea0c5e%29.jpg&v=3&w=1200&s=OQZaYZBHGgpVofubm19iG1G0
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
d06330e9a6badbe4a68a04f6a8d0828f49220ece27c8a79f387d7f30bbf93e87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30863805
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
66466
expires
Thu, 02 Nov 2023 13:00:06 GMT
img
pix.as.criteo.net/img/ Frame BC00 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwd97ad610%2Fimages%2F117732-Master%2F117732-BLKAL-front.jpg&v=3&w=400&s=TE4fTIasOeFvgXoCKLxJc50t&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
77aa0b967ed24d9c9b7ce4e0e872caaaba3f64e44f3f5a4820398f387a04f151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1541462
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9380
expires
Mon, 28 Nov 2022 03:54:22 GMT
img
pix.as.criteo.net/img/ Frame BC00 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw87fa5c2e%2Fimages%2F120324-Master%2F120324-BLK00-front.jpg&v=3&w=400&s=dc9rzt_hlNfFjG-Cfg5RGSH3&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
173fc712efd8c6e8ec03828d39855f3a309549503f9977dd5d104b044e05e462
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2238677
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7100
expires
Tue, 06 Dec 2022 05:34:37 GMT
img
pix.as.criteo.net/img/ Frame 6707 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwe0fba729%2Fimages%2F118872-Master%2F118872-NAMON-front.jpg&v=3&w=400&s=pajYUYnHG9xMnSKmImITkvZ6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
84e6a4b318b3ce55f371111a84a635016e62f5ab2d8e338197e004033a030387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2573443
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5528
expires
Sat, 10 Dec 2022 02:34:04 GMT
img
pix.as.criteo.net/img/ Frame 6707 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw4130056c%2Fimages%2F118477-Master%2F118477-BLK00-front.jpg&v=3&w=400&s=pBX5iubrpUbVkin-1vtBHlVl&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
65de9f2d2f7527720eea2f9c305ce97c87ee701551fa0041263f81a64fc2bee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2573443
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5044
expires
Sat, 10 Dec 2022 02:34:04 GMT
img
pix.as.criteo.net/img/ Frame 6707 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdw87fa5c2e%2Fimages%2F120324-Master%2F120324-BLK00-front.jpg&v=3&w=400&s=dc9rzt_hlNfFjG-Cfg5RGSH3&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
173fc712efd8c6e8ec03828d39855f3a309549503f9977dd5d104b044e05e462
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2238676
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7100
expires
Tue, 06 Dec 2022 05:34:37 GMT
img
pix.as.criteo.net/img/ Frame 6707 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwd97ad610%2Fimages%2F117732-Master%2F117732-BLKAL-front.jpg&v=3&w=400&s=TE4fTIasOeFvgXoCKLxJc50t&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
77aa0b967ed24d9c9b7ce4e0e872caaaba3f64e44f3f5a4820398f387a04f151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1541462
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9380
expires
Mon, 28 Nov 2022 03:54:22 GMT
img
pix.as.criteo.net/img/ Frame BC00 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwe301a91b%2Fimages%2F120026-Master%2F120026-BLPRN-front.jpg&v=3&w=400&s=rftZUybGRGIVmLJMSOSvcekS&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
961b271fa410e0827ce332295d5703b4abf32163af968d8cdd0bb00120f3e1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1181132
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6272
expires
Wed, 23 Nov 2022 23:48:53 GMT
img
pix.as.criteo.net/img/ Frame 6707 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwe301a91b%2Fimages%2F120026-Master%2F120026-BLPRN-front.jpg&v=3&w=400&s=rftZUybGRGIVmLJMSOSvcekS&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
961b271fa410e0827ce332295d5703b4abf32163af968d8cdd0bb00120f3e1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1181133
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6272
expires
Wed, 23 Nov 2022 23:48:53 GMT
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		148 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1407211410541874&correlator=2153192130625693&eid=31070747%2C44778642&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-39&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D74fc476844a31c2%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D75f1b40d35c503a%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D79d0915ffa0994a6-2267032d34d8004d%3AT%3D1668066197%3ART%3D1668066197%3AS%3DALNI_MZnUgP0vxx0UmPFIiI3pmHFqFDsdw&gpic=UID%3D00000b7913fed48f%3AT%3D1668066197%3ART%3D1668066197%3AS%3DALNI_MYvP5WUL8k1VQkyHJ4YyVbXhS7Iew&arp=1&abxe=1&dt=1668066200590&lmt=1668066200&dlt=1668066192073&idt=6719&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=222705379.1668066201&ga_sid=1668066201&ga_hid=5774&ga_fc=false&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
50c847237a89d2cf8f100aa6356075ba7005c58259946082fe20693ebf9e6b63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38599
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 2768 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:20 GMT
expires
Fri, 10 Nov 2023 07:43:20 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
img
pix.as.criteo.net/img/ Frame 6707 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=1200&m=0&partner=71731&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F71731%2F221107%2Fd6d2c730df9d47c9a51d56e167c690d8_criteo_1080x1080_%2827ce2c70-3572-4ff8-8c40-a29277ea0c5e%29.jpg&v=3&w=1200&s=OQZaYZBHGgpVofubm19iG1G0
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
d06330e9a6badbe4a68a04f6a8d0828f49220ece27c8a79f387d7f30bbf93e87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30863805
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
66466
expires
Thu, 02 Nov 2023 13:00:06 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6341e53db2e8074394cd434cd60c5a22e05098711d4b3eaf7ae688a6ac6f8fcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78303
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 10 Nov 2022 07:43:21 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS94aW9uZy1kaS15YW5nLXRvdS1tby1saS14aWEtemhvdS15aS1qdW4teGlhbi1mYS14aS1rZS1sYWktdGFpLWhvdS15YW8tMTB0aWFuLWRpYW8temhlbmctcWkuaHRtbCIsInRpbWUiOjE2NjgwNjYyMDA2MDJ9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:21 GMT
server
nginx/1.14.0 (Ubuntu)
img
pix.as.criteo.net/img/ Frame BC00 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwb87bbfe3%2Fimages%2F119842-Master%2F119842-NAVOO-front.jpg&v=3&w=400&s=bDwo-jNEKsFQQQ4gCdYgI1D4&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO01cBc-kgAAtKc0Ob0j8Jfx0WNuJ6Yg&u=%7CRWrqyHlyQusCIF%2BNXFl8HaIyPSUMuEEX4W4GMtRlZdE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56CAnGr8ZAB1FBwLMPkTNS-1Fjdw-s_HpDX5GGyAKGXAmfAO0iVmXB96wj0WF0zmzqkQfPn2r2x_5u865pSfsnneYJdCJNMq4f3FqlGSupEy4hJKALPPT9QrkC9eknTZiVnFoXOoGmczkl-61LZj7ZvnwJqAkr0Cn4qSEmYb-XZKWM63wiFqcWff4zmZ3NHnonspjeDBA09DE91QzN-WFR3SelhcNl-nemwSyenzHu1icHT0sNNZ8dONaJ_i1gyzx1QizwVcndTFuoCnGB27AgyjxkIMiv8FJ7v6Cb3dlYAzYW0LXzGtFM-X0drTzo6ptNQMMha85P79b7tlMv7OLpNnnSDXw9OzZL_CIbYB7B8wfGoy6qQ_C6zsJLLZ3e6viCaTO4_hEPRJS4AvKNzaBOPbHqkhoIQfW2Aw_3WziN_EA-M62JK_7p9_IjHtkgWIg9yq_BTZ3jWitor2mKogFyDN3qmTwxxTFiXqVnPiwEGtWhP_OosX755VK2UEwLXSyiMeFHq4RPOSYUIcMoG_A-1ZCHRPDhX5LP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCprCxlKtsY9emO6DSz7sP85StqAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLNtITdEpSlPqgDAaoEoAJP0MartjI-c-ElMmECMTiX5zZFd9FttPbASUaSqv4PVAxUCGOjWUIj_OVVK2GFUb-xH618yQlQBmtNfP_O3A6gh3u6u7NPrBJOC1tjwYiCGGBmyR-txk6N7v5fHm7Sv2foWTXn8YxJpfXfC1zgiI-diS1AHnBIRx0gzLqBpBZ8bof4lBzrfN8iTmkpb5MxWykrHaZQx-j_nNYyApkjziBr9LHjEZYISwzLgNriYZ0Yp4yW19jQuJ9wnOha23O2ESa-BjsB8ljAOFZ_jDxvkVzIyGyKuUma3UknMi_jcvz_YiprtM4yS4VHF1sya3JoUm9RXQZhyj4O7Z7-pEkMZWX5tc0ZFfildTUagzSk2y2YdCynCwOQ-t1c62w6HgijPHyABoa-5eC5laDtXKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RV9VeCbN1IXsuTMTQpDcHLLY33g%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
45d83d0ce6f8f97c496d1ff4c754c0895288f41b606bbbcef28a5e26e16f7918
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=326088
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9614
expires
Mon, 14 Nov 2022 02:18:09 GMT
img
pix.as.criteo.net/img/ Frame 6707 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71731&q=80&r=0&u=https%3A%2F%2Fwww.macpac.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-macpac-master-catalog%2Fdefault%2Fdwb87bbfe3%2Fimages%2F119842-Master%2F119842-NAVOO-front.jpg&v=3&w=400&s=bDwo-jNEKsFQQQ4gCdYgI1D4&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
45d83d0ce6f8f97c496d1ff4c754c0895288f41b606bbbcef28a5e26e16f7918
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=326088
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9614
expires
Mon, 14 Nov 2022 02:18:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D071 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
1df3be746c8a2ddb8b1f61e3682bca6ce8c89ff46c329ecaaaa37239432d69e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12471
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 00F7 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
4b1ed19a5f0f8a049e7cdca68bb02de5d372eb60aed652fa865e193c6db3b665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12283
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7FEB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssApeJgTAv9ZUi_A1lSAwcTPPFKT4QYhwzSfWHQ2Tp7LbjtlfOc-NNl9cF3wEg8whZ9hHfSKklnsulLkoH4gpy7EFmv&sig=Cg0ArKJSzKE2UBar67NzEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668066196558&rpt=3508&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8541 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110701&jk=2829461315137435&bg=!VFelVxPNAAbvMpMzzzI7ACkAdvg8WqsV6aNu2GYIySdAHKKlyHkisOmsaCpRZhAQyo0y72idkOYV7wIAAABzUgAAAANoAQeZAs9JD2JndKC38w-K5xrjWKh2JxmAXXb1eU6BVQp-NPPqsqNAReIQuti-U55i2notglcVouYUT6ijjdcfkmOk81oz4CBBP-v7Rie8JoK_5AbigK3wiS14VjOcC26BkVqQuNGa5fTHIXos6IkrRWOv42WqLBWZBiDnmaS_5lg-ddmXtSOuSoqAU_URSDAafvadceGMXazfeQVKJlTlQt_KrQWiA_7fCt_I2T6CSkWBVOVMFojy8aJo5nNOtVg96Pd7vQGucqDFir2vLWZbNKTe0YV29i-fXA2PBYTDhxPD6RQQm-7hmRniQbfGRdwl7ghqchuwxEaaHlYOvpE9uuyuHQ18Cr6poVOYT8jv1dKfeIUnH3XWY1bDi_v995uixPScDidfEUHJFv0JBS_m4giS4Ychz5JPsFsvmlCx8x0Bafp9Rnukpv2wg6aLRZLTA5sFud7iv0aGAIPfXh-1pp81eh719jmpgo6s7xKcY9HT0YXEud9WznZ_EDsSfAySPUaiooleXFD9Een412Qey8D4Ku6A2aS1rTuCGR-_7ryOdpuNuX5Gw6h2avw2MKnVw7i3B0M25vDx27LRpbhexscUcYVkhqvsQXOztCNpZt5p4b0D1iFhmjHGRZr6tmXDjH_42-iszelahcm8qj-RmCp4IzBRpK26O98qMNMpi4nIg_yTBNMh0iDuLVR4MPe0_I4F9orgJ1718Eu0evMhDQazWfwM5EGeCzevXCpw6lbUeVmJi7l5lZSIXlrE9LuBYeS076D-KfRQObh_xTxYcNtPv0I2o_0MRz8jYvL40anzcb7hx8beKics79nUgxh9_CUsBwVhLVzxSMZOv_1KgJRO9bTqoKpaR9b8Lgz2TbFNyliMVui-z66f6k2bMgkndxxfQVoOqEbIzsBCRSBccThyfNiUP0EcFUXYgAKfj86V-eaVNjD4EyVwb1aX245Ix6JTxw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 00F7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211030101/show_ads_impl_fy2021.js?bust=31070785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 07:43:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D071 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 07:43:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DEFF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110301&jk=3873221376510284&bg=!Dg2lDUnNAAbvMpMzzzI7ACkAdvg8Wmr7iMpvYDiPk0QuJV0riamCCzjJ_jUs0Wip0zJkO7jENBZBZwIAAABtUgAAAAJoAQeZAtNOLZyZKyZLDEC7RKpmps7k-fvhfCpMmoZm1-aSG0tiI1p6_OdLdTey23u587o0fEJ7gBpVzJ87jrKeNotH8YfhBCRLgqcTwMwX4H9ey5Sgh0h9KJeBv5LU8LTx6ag3g9JeZeDEFN9X5PebyVfAY67BAtyjxXjCtNBSUfseusJat-CkdNCTVGJSPiKyPg3BLZUWWq3iDCuiQHcDxdyJ31U9EI7vACtlq3rFC4Sz-MXXbcoTuzpVbqUBOdGnx9BnlhT9B6M-Hi9v8aZXDK8ltwYqN3nMQmwuc3At3b2UjSY1XPQHHK9PIqEp7qV8N2mzCwGCAjuTF9lkCecjnQdgFU8Ceqlxv_YJzwZFnaXuhsMmIIBoC1IW1D6K4laYXF862vH26bcShmaN_CSBUKuaJUolq8BcPVQ7cjM-tp1TJEPDhLBQ21Utzfot17f2yA1p8ggJWHgIDAjgtwZ0BfGeWJ7OnHx6XvqZ5Iq_aN4uegMFEGnY6jZrk9nrV5alxe9F491sKmHZMOMyrZZjnqAZmhDYZpRWXOYVNP4MzpAPNopdwp4xjLN_LbqQxVXq2R5VvUSPPFUk-FS07hU43-RB35eaKi3jOXwG8HC-eXsLgNUmXJbkkHdxj9kGWw7Y7-Dbyx-ktWhwHPttDJMHnD05SN-ptHczxxyCRjo0lUGnMiTOFbUhYWSOP27iXm4qMQDjt8treliPs653JjYG-UU7NyqE8w65a2OHP0eHJ9Lq82zVsJbjDglfAqph6V9Drl9yAedJXom6nnbmnfkJAcOo0pAh6WQAj1fg7tHe-pScx6jlL1D21rbm1ctY_AN-YN8_XkCMPqvvqlwp2V_f-5Kp0yVEi1P99mD4oD9QSSz_PeFET9hY2_xZJCRmeOtXkyURnpqv88v1yinAYY2xkhABVmH-qtLqE_GSwAb5vHDyYLHQfyEaIA3kQgFvSku_Ts1VXRZSgEM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame DD3E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:20 GMT
expires
Fri, 10 Nov 2023 07:43:20 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame 50A8 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:02:42 GMT
age
60039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:02:42 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 50A8 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:43:30 GMT
age
61191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:43:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 50A8 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:03:49 GMT
age
59973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:03:49 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 50A8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:02:51 GMT
age
60031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:02:51 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 50A8 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:55:03 GMT
age
60499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:55:03 GMT
truncated
/ Frame 50A8 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1162b5f7c9ab25e2f87ae6ac1149dde1722fbb19bf5ac0bb9f91bfb9d0abc076

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 229E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:20 GMT
expires
Fri, 10 Nov 2023 07:43:20 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
9128937548118709815
tpc.googlesyndication.com/simgad/ Frame 50A8 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9128937548118709815?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmHzWdVhZBL2MZr-7KE9bLhciJfYg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
604f202c0ae8882483b3c56a3f82bd2b65ce99b3fe2f7b43ad7801e73d7208c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 08:13:24 GMT
x-content-type-options
nosniff
age
84597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41084
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 11:14:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 09 Nov 2023 08:13:24 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 50A8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:09:54 GMT
x-content-type-options
nosniff
server
cafe
age
2007
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Fri, 11 Nov 2022 07:09:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 50A8 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 05:43:57 GMT
x-content-type-options
nosniff
server
cafe
age
7164
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 11 Nov 2022 05:43:57 GMT
l
www.google.com/ads/measurement/ Frame 50A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiqoAno745fid-HVTBM7LeaQvEVtVYJuImOymkb291XYhBv-fr-3wmG5gQS1eG0fUq3pUnrI91IciPxo4XbYY2tvJvuw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 50A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CccnCmKtsY-uHL7qR4t4PvpWtsAO-nurvbN7OlvvnENvZHhABILqEwDNgq-yxheAYoAHNhZPzAsgBAuACAKgDAcgDCKoExAJP0JTUrebmSMAN5FCPrd58RGSYNURgYtF3bvuRf1TdzpvQdZOGZoLIL03Em6zy7vCceT6BxT5nrggHllYvm0bSNEW731BOMgpHHN_BqoGBX-PH2xlDd_f_jCNpgRRz-KtNMaIYUzVR8xqlKxC_GPuQ5faaDZLN8SY_7Sc-KE1vQGY7yj9SSS74cjyrc-CSJWQ8cWefcD2s9I6BmzYeeeaDQoTmFTnZxCM3a_3or7_h4dL_O5V1DKfJ09iurB6Oe5cQbaiVN6pHfoQQU2Qv6Vaa6CGztgrSZIniyjwPD5mzAlzfZepTmXD-T4A8LGUxlPlglA97Ymr2vhAvh37Uf683yiG_LGGLBuP1UB51IFmqAjsB7bzkeRdVtgXd2vgtVF6t6gLpbHs-Q6Xq4aUDjOngxRIpHCMu8gAU3EbQoOmV5gZoaM3ABM-88uaVBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAfFoqyZA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEMp-0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=A00jbaNhNRU&uach_m=[UACH]&cid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IGcU4ZKTy8BGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=10842.599999427795&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJlYzdlODUwMy02ZmQ4LTQ1YjctODkxMC1lMmQ3YTc0YTFjNmQiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTI4NjkyYjFhLWQ4M2MtNDFmMy1iZGM1LTcyYTE1NWIwOTJhNiIsImNvdW50cnkiOiJOWiIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2ODA2NjIwMTQyN30%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 07:43:22 GMT
Server
nginx/1.18.0 (Ubuntu)
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=10843.800000190735&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJlYzdlODUwMy02ZmQ4LTQ1YjctODkxMC1lMmQ3YTc0YTFjNmQiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTI4NjkyYjFhLWQ4M2MtNDFmMy1iZGM1LTcyYTE1NWIwOTJhNiIsImNvdW50cnkiOiJOWiIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2ODA2NjIwMTQyOX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 07:43:22 GMT
Server
nginx/1.18.0 (Ubuntu)
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=10844.300000190735&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJlYzdlODUwMy02ZmQ4LTQ1YjctODkxMC1lMmQ3YTc0YTFjNmQiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwicGFja2V0SWQiOiIwMDAwQTcwMS0yODY5MmIxYS1kODNjLTQxZjMtYmRjNS03MmExNTViMDkyYTYiLCJjb3VudHJ5IjoiTloiLCJzaXRlSWQiOjQyNzUzLCJ0aW1lU3RhbXAiOjE2NjgwNjYyMDE0Mjl9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 07:43:22 GMT
Server
nginx/1.18.0 (Ubuntu)
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF6D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
27485
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 00:05:16 GMT
expires
Fri, 10 Nov 2023 00:05:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F8F4 		783 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
GSE /
Resource Hash
c281392bbeb49373e180f1771f8e3602f6533bf3408764ef92c265dea7559fcf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-on31H2yJ8MSRywNfobeHcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-on31H2yJ8MSRywNfobeHcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:21 GMT
expires
Thu, 10 Nov 2022 07:43:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AE9A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
27485
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 00:05:16 GMT
expires
Fri, 10 Nov 2023 00:05:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1429 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
GSE /
Resource Hash
0cfa8294ad03845769516663d1db601b60ed61c80ab85097e7535192133f9c67
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_DNtiOqli1qKj2X8MjBg7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-_DNtiOqli1qKj2X8MjBg7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:21 GMT
expires
Thu, 10 Nov 2022 07:43:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame AF6D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:47:51 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame AE9A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:47:51 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 07:43:22 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/ Frame DD3E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/abg_lite_fy2021.js
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 05:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
6713
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9353
x-xss-protection
0
server
cafe
etag
2177555007986509113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 05:51:29 GMT
css
fonts.googleapis.com/ Frame DD3E 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 07:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 07:07:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Nov 2022 07:43:22 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/ Frame DD3E 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.css
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 14:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 11:42:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 14:05:14 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/ Frame DD3E 		373 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
sffe /
Resource Hash
b903a1dd4ba4cffdd671974e77e54f6eefd21ab204e608db6db3f31dff94cc2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 14:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129623
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 11:42:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 14:05:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame DD3E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:05:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
27467
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:05:35 GMT
l
www.google.com/ads/measurement/ Frame DD3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyAcpagReQY-4FVK7bNtaQLlbePPmj5hjM9h3_3aFUvBjvrQY0uFHcwXrNFf-iEwzOR5SGAfsZDKIuwAt8vtgep__Gjw
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 229E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cy6yTmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEvwJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLVZNnL-U5k3taQvjhu6NY0wzbL1Yss9WI3ffaRiFtnIVYm6NYm0w4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=4afvw6Mz_-o&uach_m=[UACH]&cid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IGcU4ZKTy8BGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 229E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kI3fEfn1BnjYBGL4LRICAAAA-ONZtFtuTcMQmKtsY7OG-9ws0vpQ2JEMABIAAA&wp=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
222407
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 9EA0 		138 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5170ddd5d3d676ccb14fdeac7c3b2297949c2bd9dc201432e836578a32e3cdc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:21 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=DWO9NcIsEAEBWuZugU_8e2jg22--XmWaAbgbAN0AB08CS2BK3TqIuJtseAodbLttBxO3iBFUeuUu3jNHU-K3cx8R40xCb89DC_54bSO9nXWdUPF91sVxDtAh2R68PPx3PgZeQXEWkzooCJJvX_WaIqx0Zs97-k9PPRxQINQ3kXAQtsE98hi8ZV32nSs5jdYzaf4fh9EQtu5OuuOxcnfsQA-qY80KZpSKjZj4LzaU4RCcMlEMPjTODbPY4RZrnfWZCJh0By32Yi_z9Ezv"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
129217648
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 229E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 06:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
5144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 06:17:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4D2D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
6134
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 06:01:08 GMT
etag
48472445140208031
expires
Fri, 11 Nov 2022 06:01:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 229E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:05:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
27467
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:05:35 GMT
l
www.google.com/ads/measurement/ Frame 229E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuD3e3fi8uTr0MeHHNyhVYtbLfUlyncBxgeQcOUeTayqxKLOC-n9HuBeURfRvu_75yLvUXBm4zLK3LR7zSi948eG5EYA
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 229E 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 06:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Nov 2023 06:56:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 229E 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 07:43:24 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 50A8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 10 Nov 2022 07:43:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F8F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=522746669676293&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1429 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=1547193011255633&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame AF6D 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?M-fM4Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame AE9A 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?q81wUw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGAtsCgWeRu8i_mxWjsYqdo&google_cver=1&google_push=ASkJ3FYDonXyctjVnmA4KV7UL4lyEsAzudhz0jrjV99YjoM5Z2T1dQ_6GEsxO_5gJ1yofn5EmEMG-nrookWaj4v2sH6uBjt...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYDonXyctjVnmA4KV7UL4lyEsAzudhz0jrjV99YjoM5Z2T1dQ_6GEsxO_5gJ1yofn5EmEMG-nrookWaj4v2sH6uBjtj_3ws&google_hm=MzI3NTQ5NjU3NDI3NzcyMT...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYDonXyctjVnmA4KV7UL4lyEsAzudhz0jrjV99YjoM5Z2T1dQ_6GEsxO_5gJ1yofn5EmEMG-nrookWaj4v2sH6uBjtj_3ws&google_hm=MzI3NTQ5NjU3NDI3NzcyMTQ0OA%3D%3D
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 07:43:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYDonXyctjVnmA4KV7UL4lyEsAzudhz0jrjV99YjoM5Z2T1dQ_6GEsxO_5gJ1yofn5EmEMG-nrookWaj4v2sH6uBjtj_3ws&google_hm=MzI3NTQ5NjU3NDI3NzcyMTQ0OA%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEF7PGIgiMHhYk426gEkaFEg&google_cver=1&google_push=ASkJ3FajYHUDHGSyJVPhhwzIrxhR8UXCTseK_mCraqYBjuxjVJmCln9jxsghJcXzJZqT2IpKttsWAEUtvjQhcVaxrenROJ32selP
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FajYHUDHGSyJVPhhwzIrxhR8UXCTseK_mCraqYBjuxjVJmCln9jxsghJcXzJZqT2IpKttsWAEUtvjQhcVaxrenROJ32selP&google_hm=yvpaLHslzWwWXwB2LoL9Zw==
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FajYHUDHGSyJVPhhwzIrxhR8UXCTseK_mCraqYBjuxjVJmCln9jxsghJcXzJZqT2IpKttsWAEUtvjQhcVaxrenROJ32selP&google_hm=yvpaLHslzWwWXwB2LoL9Zw==
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:22 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FajYHUDHGSyJVPhhwzIrxhR8UXCTseK_mCraqYBjuxjVJmCln9jxsghJcXzJZqT2IpKttsWAEUtvjQhcVaxrenROJ32selP&google_hm=yvpaLHslzWwWXwB2LoL9Zw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
r7o1gnnkcts8vdghnnp8a5olrdgvi4qd
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELx3ylBJ8rhUjAbKFaK89E8&google_cver=1&google_push=ASkJ3FYYkQXQc8hlaF3qiPmpSBM5bK4G7_F2zVH5Z3GRaNeERpg5eWPZp6yY_DCPvKeVCMegvH9_jgiWwCtoR...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELx3ylBJ8rhUjAbKFaK89E8&google_push=ASkJ3FYYkQXQc8hlaF3qiPmpSBM5bK4G7_F2zVH5Z3GRaNeERpg5eWPZp6yY_DCPvKeVCMegvH9_jgiWwCtoR...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYYkQXQc8hlaF3qiPmpSBM5bK4G7_F2zVH5Z3GRaNeERpg5eWPZp6yY_DCPvKeVCMegvH9_jgiWwCtoR5e9cpv_tk2LJkg&google_hm=OUlHYUVwX2RUN1Q1dkJ5d...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYYkQXQc8hlaF3qiPmpSBM5bK4G7_F2zVH5Z3GRaNeERpg5eWPZp6yY_DCPvKeVCMegvH9_jgiWwCtoR5e9cpv_tk2LJkg&google_hm=OUlHYUVwX2RUN1Q1dkJ5dDdmck0=
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:23 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FYYkQXQc8hlaF3qiPmpSBM5bK4G7_F2zVH5Z3GRaNeERpg5eWPZp6yY_DCPvKeVCMegvH9_jgiWwCtoR5e9cpv_tk2LJkg&google_hm=OUlHYUVwX2RUN1Q1dkJ5dDdmck0=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEITDiWikFfzYe6uzzv6_bLU&google_cver=1&google_push=ASkJ3FbpSEmo_Bg9AytgQyQlyIdLd5q3iWgcYAkbQZsGkJV--rX0fsH0jMMP6jO8DzRSRhxwmNTttsT-...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEITDiWikFfzYe6uzzv6_bLU%26google_cver%3D1%26google_push%3DASkJ3FbpSEmo_Bg9AytgQy...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8701406061917351773&exchange=193&google_gid=CAESEITDiWikFfzYe6uzzv6_bLU&google_cver=1&google_push=ASkJ3FbpSEmo_Bg9AytgQyQlyIdLd5q3iWgcYAkbQZsGkJV--rX0...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg3MDE0MDYwNjE5MTczNTE3NzM&google_push=ASkJ3FbpSEmo_Bg9AytgQyQlyIdLd5q3iWgcYAkbQZsGkJV--rX0fsH0jMMP6jO8DzRSRhxwmNTttsT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg3MDE0MDYwNjE5MTczNTE3NzM&google_push=ASkJ3FbpSEmo_Bg9AytgQyQlyIdLd5q3iWgcYAkbQZsGkJV--rX0fsH0jMMP6jO8DzRSRhxwmNTttsT-zR1A2U5uPwH76WYR_NEY
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg3MDE0MDYwNjE5MTczNTE3NzM&google_push=ASkJ3FbpSEmo_Bg9AytgQyQlyIdLd5q3iWgcYAkbQZsGkJV--rX0fsH0jMMP6jO8DzRSRhxwmNTttsT-zR1A2U5uPwH76WYR_NEY
Date
Thu, 10 Nov 2022 07:43:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESECbXSQ0F4r4U7UjGcVlI5Xw&google_cver=1&google_push=ASkJ3FaQZcBTV_J_LdxvOECu723UbRoL1Qeo65F9e7dcFFo_GVM0jUlyeDo7JhvGbgvLwQ_3xOYHzpk_Zgq-2BI...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FaQZcBTV_J_LdxvOECu723UbRoL1Qeo65F9e7dcFFo_GVM0jUlyeDo7JhvGbgvLwQ_3xOYHzpk_Zgq-2BI3S0csCWLiOPoR1w&google_hm=YjI0ZT...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FaQZcBTV_J_LdxvOECu723UbRoL1Qeo65F9e7dcFFo_GVM0jUlyeDo7JhvGbgvLwQ_3xOYHzpk_Zgq-2BI3S0csCWLiOPoR1w&google_hm=YjI0ZTUzYzItOTM3Ni0zNGNjLWIxNzQtNjcyMmZmNTIyYjU2
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FaQZcBTV_J_LdxvOECu723UbRoL1Qeo65F9e7dcFFo_GVM0jUlyeDo7JhvGbgvLwQ_3xOYHzpk_Zgq-2BI3S0csCWLiOPoR1w&google_hm=YjI0ZTUzYzItOTM3Ni0zNGNjLWIxNzQtNjcyMmZmNTIyYjU2
date
Thu, 10 Nov 2022 07:43:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESENpga0djb-o2uu2Zai5E44s&google_cver=1&google_push=ASkJ3Fa9SIPUW3Apyv7_ruh3aMClkAOZlJ7jV9OP93sZabWLpeThGy3tdGiKMK_6ZI49YMZfwyPXFjVLyTr3IDBw7...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZTgyZDI4OTktZTMyNi00MzA1LTk4MzgtN2NhMTY2NTUzYWNm&google_push=ASkJ3Fa9SIPUW3Apyv7_ruh3aMClkAOZlJ7jV9OP93sZabWLpeThGy3tdGiKMK_6...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZTgyZDI4OTktZTMyNi00MzA1LTk4MzgtN2NhMTY2NTUzYWNm&google_push=ASkJ3Fa9SIPUW3Apyv7_ruh3aMClkAOZlJ7jV9OP93sZabWLpeThGy3tdGiKMK_6ZI49YMZfwyPXFjVLyTr3IDBw7l5amz5chwFyUQ
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZTgyZDI4OTktZTMyNi00MzA1LTk4MzgtN2NhMTY2NTUzYWNm&google_push=ASkJ3Fa9SIPUW3Apyv7_ruh3aMClkAOZlJ7jV9OP93sZabWLpeThGy3tdGiKMK_6ZI49YMZfwyPXFjVLyTr3IDBw7l5amz5chwFyUQ
date
Thu, 10 Nov 2022 07:43:22 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEE41RIxNdufUX_Fq5qxzvfI&google_cver=1&google_push=ASkJ3FZ08I-m0XDImHb9issyaHZr2Fo8XKwEas5uQERpuQvfwiBgSWB_Rfn4S6zRXDCckP72vPInw...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEE41RIxNdufUX_Fq5qxzvfI&google_push=ASkJ3FZ08I-m0XDImHb9issyaHZr2Fo8XKwEas5uQERpuQvfwiBgSWB_Rfn4S6zRXDCckP72vPInw...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ08I-m0XDImHb9issyaHZr2Fo8XKwEas5uQERpuQvfwiBgSWB_Rfn4S6zRXDCckP72vPInwiUmXVSXmGQDYS_vYGU0CvwboA&google_hm=OUlHYUVwX2RUN1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ08I-m0XDImHb9issyaHZr2Fo8XKwEas5uQERpuQvfwiBgSWB_Rfn4S6zRXDCckP72vPInwiUmXVSXmGQDYS_vYGU0CvwboA&google_hm=OUlHYUVwX2RUN1Q1dkJ5dDdmck0=
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:23 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ08I-m0XDImHb9issyaHZr2Fo8XKwEas5uQERpuQvfwiBgSWB_Rfn4S6zRXDCckP72vPInwiUmXVSXmGQDYS_vYGU0CvwboA&google_hm=OUlHYUVwX2RUN1Q1dkJ5dDdmck0=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
242
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4D2D 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3wdW500rg2pB1XkBdq3U7GCprzpra8msr2yOOmlS_t5SAiqme_jelG5o7pKZ5RxbYqb87bE5vCg
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 229E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14914ef59b38aa18d49fd112303cd93af1db3b37fff247c8ae30865d20ad4e89

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/g/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb70&_p=5774&cid=222705379.1668066201&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668066202&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&dt=%E5%85%84%E5%BC%9F%E6%B4%8B%E6%8A%95%E9%AD%94%E5%8A%9B%E4%B8%8B%E9%80%B1%E4%B8%80%E8%BB%8D%E5%85%88%E7%99%BC%E3%80%80%E5%B8%8C%E5%85%8B%E4%BE%86%E8%87%BA%E5%BE%8C%E8%A6%8110%E5%A4%A9%E8%AA%BF%E6%95%B4%E6%9C%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9EA0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:22 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9EA0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:22 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9EA0 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 05 Nov 2023 07:43:22 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9EA0 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 05 Nov 2023 07:43:22 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 9EA0 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=pWBYefqBv9eM7BbR-0a4ZqaM0xaXhn54iQNEIUcogu-IeGjiixkm7gaLa27-Np1c3Rq8LUVAq249TxkN8Schjtp-ACXSvxOpgTK9PDlATVEzwQnfPV7rxvwzFxmRE-B--IB4ltWuBm1jLfRkzm6f0mv5O4_dgRv3xKgxFKr_BcfHYav1VUq_4vqNPxQeBve9j-oEa-myo-iRVIePqQWP8vbfEs9eTNvHOIqBojDa7IqQqmVIlR5CibC0b9fmu3vSypWrb51NFF2dQ5pR3a_PVwmM3f09lDWfHIP7nBH_udmxrRiVQ_GNdCZGjYmc_8sS_E3WuU7bTAKxotKxHza8sUabnlC4OtYHpKrbkspRoVHtT80iAmbKQ3S9lGd1-4Ju-n1xg6Q4v1tG5iTYDNl33dz2QhCxojFHSV-l8AQCDluFkm9I
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1855487
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9EA0 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1872488
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cz%2FgU%2BFONIm1KGx0%2FMQyW0%2BP3ZN5sYy%2FPIt4kPNdd0E6lIdEujrOamIcY16A%2B99IS9bIjDeswq9RmSiaNMYKJe82h2sYNmAdNVVmqqMz3MMILFFpK%2Br0q%2F0GHQJIqD2o9nzqh8V5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
767d28271cd2a80d-SYD
expires
Tue, 31 Oct 2023 07:43:22 GMT
19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame 9EA0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Dec 2017 12:57:30 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5a2151ba-3b68"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:22 GMT
b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame 9EA0 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 30 Oct 2017 21:00:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"59f792d7-7a00"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:22 GMT
animejs.js
static.criteo.net/animejs/ Frame 9EA0 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:22 GMT
097caf205a8140a3879ec4ad82b687a1_cpn_120x600_1.gif
static.criteo.net/design/dt/77429/220428/ Frame 9EA0 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/77429/220428/097caf205a8140a3879ec4ad82b687a1_cpn_120x600_1.gif
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
75048e3d34699db3124e9c31ba437f3574959b8a3fdef9fb378f87bd550d1cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 14:08:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a9fce-72c4"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
29380
expires
Sun, 05 Nov 2023 07:43:22 GMT
img
pix.as.criteo.net/img/ Frame 9EA0 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=77429&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F3730%2F191118%2F3a490a63c2d94ff298dc73e27e12e075_logo_darkbg_horizontal.png&v=3&w=236&s=CjmDttPGZ8UJhdvCbD7EFyYC
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
63000f1d5ddcd10ff7812cf6f2eee53820014c23995b5c2b62919fb0ce6e0a50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27555460
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7996
expires
Mon, 25 Sep 2023 06:01:02 GMT
img
pix.as.criteo.net/img/ Frame 9EA0 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_116824_al&v=3&w=400&s=VVMmX2L0MjwW7UTJbqRSGVwt&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
6866724fec94a84b7c8b80890688fb7136d03a9408c166ae129d7c9bddccc3d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11664
expires
Thu, 10 Nov 2022 07:43:22 GMT
img
pix.as.criteo.net/img/ Frame 9EA0 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_448619_al&v=3&w=400&s=cOQpCC7vS0br4NAOzwFr8U3p&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
dfac583f9f25785f1b66ad99a4c016f2ddbfc35e564450a3c21720cd4d915c9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8258
expires
Thu, 10 Nov 2022 07:43:22 GMT
img
pix.as.criteo.net/img/ Frame 9EA0 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_162196_al&v=3&w=400&s=0QXM-o0FiyJS74LUGX45wYX6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0ebf2f2dde381ca38c07cf6af048157a6cdf7a09ca5e63ce50d7284149f61147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12204
expires
Thu, 10 Nov 2022 07:43:22 GMT
all
csm.as.criteo.net/ Frame 9EA0 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=DWO9NcIsEAEBWuZugU_8e2jg22--XmWaAbgbAN0AB08CS2BK3TqIuJtseAodbLttBxO3iBFUeuUu3jNHU-K3cx8R40xCb89DC_54bSO9nXWdUPF91sVxDtAh2R68PPx3PgZeQXEWkzooCJJvX_WaIqx0Zs97-k9PPRxQINQ3kXAQtsE98hi8ZV32nSs5jdYzaf4fh9EQtu5OuuOxcnfsQA-qY80KZpSKjZj4LzaU4RCcMlEMPjTODbPY4RZrnfWZCJh0By32Yi_z9Ezv&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 07:43:22 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9EA0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:22 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9EA0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 07:43:22 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 07:43:22 GMT
csi
csi.gstatic.com/ Frame DD3E 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~laarjrug&c=1394850335265&slotId=697425167632.5&qqid=COqz7-qOo_sCFbqI2AUdvkoLNg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.204.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ti-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DD3E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 11:07:40 GMT
x-content-type-options
nosniff
age
506143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 11:07:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DD3E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 01:45:16 GMT
x-content-type-options
nosniff
age
194287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 01:45:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD3E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CCCUvmKtsY-qHL7qR4t4PvpWtsAPdoPaZbdT68JHjELfLor3AARABILqEwDNgq-yxheAYoAGD3taSAcgBBakCYDFZDRzCoz6oAwHIA5sEqgTsAU_Qu2auuo_ntvApepYH15UemxvHtW-V1H82pQu26pNp_IoyMkZv6mFVN4k6sS8Gn7BKSYuz6Q2LeCU4ovjpbHTYqGXnrI0nPpwg3ud-6rFV1D-ylGVTizOAk3GdwlK-ZUcUeFaUfPZoltL7Ox-u5Q9HJn6ehS6WkcAk7BbBZCEenNsn6MivlZIGSAoV0BS5Fe-SWiUeeCT-6rAcElv3jrC490swO015d_btC-VtuTtpOD9cUkfZsnnnd2_QmaSOoiTrJs6eHdgHm9BDN9U7NTwCj20jQ4HNtCm-TKQzn2MWAoiQ7Hx6T_FwE7sfwAS_-rvEogTgBAOQBgGgBnaAB-Whqe0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAeALAYAMAbAT6e6JEcgTgK-s4QPQEwDYEwqIFA7YFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1668066203328&ai=CCCUvmKtsY-qHL7qR4t4PvpWtsAPdoPaZbdT68JHjELfLor3AARABILqEwDNgq-yxheAYoAGD3taSAcgBBakCYDFZDRzCoz6oAwHIA5sEqgTsAU_Qu2auuo_ntvApepYH15UemxvHtW-V1H82pQu26pNp_IoyMkZv6mFVN4k6sS8Gn7BKSYuz6Q2LeCU4ovjpbHTYqGXnrI0nPpwg3ud-6rFV1D-ylGVTizOAk3GdwlK-ZUcUeFaUfPZoltL7Ox-u5Q9HJn6ehS6WkcAk7BbBZCEenNsn6MivlZIGSAoV0BS5Fe-SWiUeeCT-6rAcElv3jrC490swO015d_btC-VtuTtpOD9cUkfZsnnnd2_QmaSOoiTrJs6eHdgHm9BDN9U7NTwCj20jQ4HNtCm-TKQzn2MWAoiQ7Hx6T_FwE7sfwAS_-rvEogTgBAOQBgGgBnaAB-Whqe0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAeALAYAMAbAT6e6JEcgTgK-s4QPQEwDYEwqIFA7YFAHQFQH4FgGAFwE
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame DD3E 		30 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AcfIUQP_qDEom_hqcwDvzRVUThrn2FV9J6tEoK_a_3Em699UUfPHwEPG0aisOzAyNSEvS4vTLDiflrpPKeGiImFLaWBw&cry=1&dbm_d=AKAmf-DcfIZ1Fr811uOwEOFw7fDeeJcAtrr9ERfCANvytKYqZwr8GdyprJh9TEf71S5bfRg6Rx667OdLzMc4T-_NTRV1VQqG9IPfWejWg0_iiwA2nkSI-GsscJfQVJi8yWp50TMAtiKENhFm3Sn03TFlxFUrqitlRokM-djSVHHUblvViBUNhY4g2T08SVsEla2PNl5Nv-f_0NLpXQEZoLXqftQIdrrVKwi7JRkhPLUXIN-VAr5MMtKz-6z94zguYn8HCyxhh2XgRN-TXD8yItwM1yVu8kpVanZxJA-cG4az_cQpqAhoLJxR8wCNG6iMWQkVSBeOFvCO9uKzEZrJ9FHY00ssSrEfwVZ3SKkBfMIZeUAYglbXeEa457o4JzvNlCAXBzMyfjz97dyXSo4WBZCn3oyhMrakJZeVu9KJx4M3xG1sr2b4N0q_Ixx8UoVQ59JjlQ1jw_CJ7J-FRDDMx3iUJdw0dKVvmmKXdCBI73Jkwtq_5uiiTd6DP56wiKN-40sI6PmDb57qVV-IBg2cVw2KonZBaYK4uhkD_gWy40RRLwlK62XjNBC28J6_QkI1T10OljxcsyCwb4jiS36sk-j4ZAJKlLXhrBWHrSZoNqJ5pMDJEDP6WyWCIN8pJJFe0jR2N1EUljzIN8iHvMaiEnbYz3E6O4wamaPOOBCphw3ckC1F2CojltRpHbiLwCLh05R3mrLozCjDVoM76i7M4kO_hhySKbrdKgarsMvxpe82idAFTSqweZdw69MqBcp3TaxLGI0Tzy_DwXJMhADzZfMmd17PYjMGl47D48YWxR2beRX2fdA3o-XTPG1hGdf2XPSGF2k7IDn1gtvnEWYhtM2XSLf_ey7lmA-el67jXmZicI8qEEBKwodEgoyNa48tfhG3ALzGgAzO2kW1KnLvcFIPihHhkvmhjJrk2l4vO2AwJzSlbifSY5r7dk_kHLuscZR7zyXDzne306exE4J9m4eXMcBbag_E7Gk2NGnW6BKxw9-wzRnoNvFbR1XUv5dhCf3KmL7_CgZ4TcyLG8EoCVXScLCqrA7IyXXHAO3sB77_JNmN_B0gmFh5al-hGGHHw-555EcW4GlxukGI1ZJ9259IIl3GFkUyFr1T8fkNpOBcngW30i9fl4onOMV3DuDNpMjcj2FcnqnQ0aDLHezYxv6EBHfsh7krkhQ7SJYWPMqaLQRZok6hpiQjgx1nGI2xUcPw5kAQw5sgTQtv40VqcRhOy8lmcvm7-gy90q3Ta7cJmKtrg9m7Olt7k8sFEcZtdHDyUmzJDLAv2NRjvwrajQd2AcZcfNaq8ZYon-_Q4q9B39m1sz-cXZ-BKzfMBQz2Hzdtp6At2XG-6djzQ_NcJtLYJta6wODFC-UqiblyD4k6U79uuCNUXZXy2I9cAooutJvxst7sG42SWxFQtWwkICGx6MBC3Wyizoe5YScaY8LJuWY9echbGKu65xqE6Ziqx2UIrMm5FOTj176lUsuP7-7-XguXradDGBSoV-cdHwT-j7upks3as3ww9iuw8MdoXQPjxfG7IIQ0cHqqwJiR7tgNaNWbzndFj3Bz4tPu9uon6MA6Qfg1osXI5A8UT61z1v1ayxXBRH_ltYZcBjBPmk3g6x0s6EFnRJD7Bwa3Xi_Qo4qQQdIidsu2PM9UT9Sa5dDn8AesLLVVeNgDdRrAefwn9YH1spt7ZFC_mH_dHuWSBMUbSnKbPMFe7ArM0NLgtw_qcJjsvKoYIHdyXjof3VPdOegrx1Gc835yvWezLpujn7DwGdjiWS04YGLoqEkK0nkY-IKDnK6azW_LFcNsPU-JOs522T_51M3L1a2P3141j5WprSRFCUAtVlfqhU4LL_I-K9lS8m1VDboHhMDOy1xJXFQCKLXxrxfGx4gZNDZJmsSt9yQDxmSV-2NVT1V8JgzJEgkpjmVGwgwaJ8dY7yTb1MS9OcVFtmUV04f0nZS7UTTnFBD6-2f1pklyyf7PEVMQ9u3NCxQJARJE3Hj2bH7yDwSdTJe9yAUnzWWxNEiWVynIjL-lWYK_f3_e--Rtja_E-W6X6OF8Iu_IzzGdMkuEqSRFW93GzL35BUe-xLGPqDtWSlmJxJ-adpOZOR4IkF4_xZsrSeL6wmQkSBXlyPPWdCITeKChlwb0eUVltzNeKRyPOMpbSzKU7goN3Z-uUkJ-dYwt6N2dJaP6CDGf1MB9jE5miEp3a4K_bGq6B_YlJK_-vMoWHA-goV0rYTCGsT-f9qFpTT8rUzfGd-dMWEMFCwTAHSBfqhCFcIxVXUlixLrfzX3KzNy8u908F2-HkQvgtgoczJE6uKEYn4GqSbsu0uMLrW3kcYWwgpIGyxkoNuVP1MdRf6MqCAq8lk9yNv-dmS9mKmS3BrvYCVZaaYKgvDtmwxVMc9blcgiEZhBUhTkzbG9yHmDsvvmTOnb5jNpWy-5NWw4NjPhqYK8Rykq6PTyxDE2Hk9tIYrNewXE_lt6AEXhb6uuAOy1QtC1Ydcdfj_jePovNNg98bcp8DDGBKOJ6V1Su8N3jR13A3dE5IHKHSkmsLX2MgnO74rvumAuTxPyN4wtWcEYSte1VHZK-Y3CRCg5i8rGSRWfJq-XE7khGkzthcyOaTp7TG7qy__BZSrf0zSfK3yLxDx5_KulNBUaMnYz8DMcCBn0CP3wmjUQY8s1AA8JC8G90JOWr9JxSlykcs9ahXuqigvhpxAxngdfXw_4PlnLpJj4wT_tuHGVx4Wsky_l2G0GO1gMHt9jjNYVu6Y1Xi9DF0S0qPl0bsXRqHLFy45tEYB7XTRGcQZsT4aYlKsjZYV5XtlPG3u9a1uwKMa_dxToKV8RCP3Uwv_67e8OI91iLTXttyQRiPIuncVb1iouv_GFxsUPYXq0_hT2qHorE7zbvvGg1VHu4Q0YhaYaNgucC8MruyIJx6nOc4xkeE-1yzXzUcjBcSSXDMdhfN9V6wtxsnp5Eot554bQXwxI5Op0paxNrgRqWUWIM09U-W3vkfWO8ewH6XaxRKmzhzVg2NECh01px4mK96Ji0tTSiogYyQHAnHDVs2o846CFxkw2VlpPhGktke0iUxPgBh39QZOSm_v_h-kaNRhAPsSdgdELeWNuEGt69Q82Xx8m4kWQppm1qMD6cAYDtwBcZmEjTazPyai8AWeTrRQKqzAGGgmaHpNmqAdJPPofN7_NMGcLkEc12ivRYLbmpBU2RwdyBg6pQdgFtv7P2QpNRBxXCBQbYEGtNykgljSR3MY98jzRDfS99PbI0EbmEt4NHwZbXWPBKkuHW_cVH-wLPBEFwINignQmG-Zh7Q8rRlShd_lUj5CxcD2VaKXHYdgb4b8kMlCtk3jyCcRCs4dE6jOSd7MAJDP31yzkbpoqv9LNBJ12wVjQrVmr_hMUtFJ5g3qBA8GhWbR7oX8oHtTM3QTtPX3qZyLxK2tgsRHlS3LL5O899HLtE-ntwaqSpER-KtKovXPW9kcxIhSIZmYpov0wbYB0eho2u60feegjXXEVc2zOG1QpyTyHUpAQzfBI_1XaMbdKFmzNmbf0kwj81gLDc6G9LwrC4U25JWkEquJLk5CTNgmPispzS8uLyJs__Liop_AofPZILfpw3baNGszognJEIOu0vgnd8x0LBrR15r8Z5_uaxN12yoXnh-m3QeUzO1M7bFXf-LinCmdNXIU2hX9h7QeckuojqI4w0UQBEejnROgZhNgUpKES7P0w-iWwB2nhIsikq-FpZWkgtzTfx-9qfoArZxWNydwDS0caY9s0&cid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IGcU4ZKTy8BGAEgEw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
df6e23d546a72a6bbeb1524b4575313b23b2579406be74b3ac8475e21c8e9dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16333
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DD3E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDvWjmKtsY-qHL7qR4t4PvpWtsAPdoPaZbdT68JHjELfLor3AARABILqEwDNgq-yxheAYoAGD3taSAcgBBakCYDFZDRzCoz6oAwGqBOkBT9C7Zq66j-e28Cl6lgfXlR6bG8e1b5XUfzalC7bqk2n8ijIyRm_qYVU3iTqxLwafsEpJi7PpDYt4JTii-OlsdNioZeesjSc-nCDe537qsVXUP7KUZVOLM4CTcZ3CUr5lRxR4VpR89miW0vs7H67lD0cmfp6FLpaRwCTsFsFkIR6c2yfoyK-VkgZIChXQFLkV75JaJR54JP7qsBwSW_eOsLj3SzA7TXl39u0L5W25OzE5panB1Z8gwjaDESlt9iVeTnva5Xjj8-FNx2E9PTEcJJc8iUnTXzKcB6aYZtW0hcr9oLz0xZ6jj4nABL_6u8SiBOAEA4gFssGo_EWSBQsIIhABGAFInoTXAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH5aGp7QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDT-wwYvdjB1AHSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwGwE-nuiRHIE4CvrOED0BMA2BMKiBQO2BQB0BUBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=ea4_uWB0HKM&uach_m=[UACH]&cid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IGcU4ZKTy8BGAEgEw&vt=10
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A5F1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
6135
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 06:01:08 GMT
etag
48472445140208031
expires
Fri, 11 Nov 2022 06:01:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DD3E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec0e03bad7bd027a5722f33d4d0166a6708b91b5a6cd082c823f66aa159f0ed8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
all
csm.as.criteo.net/ Frame 9EA0 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=DWO9NcIsEAEBWuZugU_8e2jg22--XmWaAbgbAN0AB08CS2BK3TqIuJtseAodbLttBxO3iBFUeuUu3jNHU-K3cx8R40xCb89DC_54bSO9nXWdUPF91sVxDtAh2R68PPx3PgZeQXEWkzooCJJvX_WaIqx0Zs97-k9PPRxQINQ3kXAQtsE98hi8ZV32nSs5jdYzaf4fh9EQtu5OuuOxcnfsQA-qY80KZpSKjZj4LzaU4RCcMlEMPjTODbPY4RZrnfWZCJh0By32Yi_z9Ezv&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrmAALw-wF2Ii6AAtKvqRr1dX_7OGPKSnqGw&u=%7CEj2rf2W1ioYOBtnOCVfp1Ejaz8BxfxSv31hYpkJEwL4%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqcyzkjJURFcWTWQMoaHPHUQRj3OndWtmugvoyzfR__71cNF421UA8y2AbP0iB51MPBKnrBAtCRNq_JQynKjVaQDU_ubSZ3D18bbDMx5LT0IPNJuujUkRyHo6CTG5LzAdGLTxAeJoEFhUbGR1OfuLVAfM85FUD_vd-j3katiIDNQqQTKXsqbyj67eH-2s2VHjC_LTQl8jvhL9qPJIVdfvh77FD_wtRNyUhB11j1RMyvZGXTxBdnbq6SzT-9EYFOgUrUUUeUkLnS_heAM_5tWQRdDQGiLTunWIhH07aU5tziQXSed-l-dGzgFPGvbd4lmjTYxM-KvNiQ4JJCEjXrgZHXrCjN2jcpTq3Ptj0QXuUa26qrphw2qfPCvc5l__065yLAqJhEfWNxRSR8myPCOmTxGG-Ok_6pA-lNnlwy6O1gWpM5MU4f2XRsnmrbSDTiOGvLnHCPeBRghLcVjiKnFmoarpTB5_BjUXDUrXUQmwMp57DZpL_f0gEY4gMRT6T462ZmgFl_xmf6mXY7RN94m2X9mO4z0fKjoeVnC6Vg36FyHjPc-Uiv3hcXec7ncpiElKrECU7kaED91HC8wfjznDYn6WM4aLSZpHYVimPZL8k3yAZ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXjSOmKtsY-yHL7qR4t4PvpWtsAOY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLNtITdEpSlPuACAKgDAaoEwgJP0CB3jCJeW8Bad-QrEkuEzl-SXnlQRlhoC05cpJW-KdKi-btD5XhvrtQBNP7AkBCj2WPY52glhBqm8Sla-9kfZ9J8r4Ijcp2Nl6pD59TreiHbGVPmGrLLFFYMd40OfO-IxJUZtthbd-GWyPfUd9Wph-U5WKAtvqA7_s-C5-KxBDCTrGw0YatmY_i1vl9Qq8Fo8OzR_4kyvgZqBOrmHiBTKc24KR-NBYKPPca-DOoV6dqjT7EhjrrNPhwGGafiHKD5wDuMG9gJtStvfGhHqLFhIadXTk9Bh0qKp9SUxnYqPXi1SCqaSua8Yopqbu3t0hb0_DcGmc3tZd2HBfyxc_7Kxgdta0_th4L5Y5akwu4TUf2AvXC7IXUuLRRPvS1xKMSTloKSGAXb-Y8aeLfPuOFOy_8sP4JMCGw5eolm8xPPj5dd4AQBgAaYopzT7aee3SOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1U57ix8RKTu6uKmWhvcFbxtNyvyA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 07:43:22 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 50A8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstL3c6myRhof-1zfASQUiUi6StfbA74OEDoMuO-NHlyVp909ohFUG6TjJt6Cl3pSRg_HG9PxaXJJqYzHt5G9WNbAwMvjWbAvRHaakreu5FQPLTsHYpU6bYAWlu0Oc4rFl64Zw8&sai=AMfl-YTchFdaLm38RUYWmtp-Sp_ZWIYnwV5GfZJfxUmQsT5Z2vNW-AH3MTu3OC8G6bDveEnlxc_83QhItQ_NGJv6pvbJidvKbnsz-E1COAHh2Bp3P4VC_r_yZleIFDstkA&sig=Cg0ArKJSzHnkHa-husm2EAE&cid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IGcU4ZKTy8BGAEgEw&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1041&tls=2041&g=100&h=100&tt=2041&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 10 Nov 2022 07:43:23 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
384243
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		335 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
27bbf9ad6df06090fd39e63d2e35b3b3ade1a2c9dd1a951847b87b488b39493c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
746108
expires
0
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
cce1dc4c1ad4781f13ea8bb2f581ef93efc570a3873187c8f7b0c35747086334

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 07:43:23 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 10 Dec 2022 07:43:23 GMT
/
onetag-sys.com/usync/ Frame 151B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1668066199911
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
920e8c3df69377992f1bb75d01a759eb085188c39e6b20689b9ff39904afe340
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1372
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 10CB
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
1ee809ff73a64ebe6bef729e371e30fd0d12d19bf5f9a9bff665879db16b9e40

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1138
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 07:43:24 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 10 Nov 2022 07:43:24 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame C583 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
63af0192ee2fd131b1b79cf8097cb830e3dc9b29580fb378fa089bf0340adfc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 07:43:24 GMT
expires
Sat, 12 Nov 2022 07:43:24 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame 9567 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-9.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
330f76ee720927481e92c4f344a43bdf66af209bb74aad6be1ceaf75092928df

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
23020
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 01:19:45 GMT
etag
W/"3f9fe5e8418a849fb87380af5ee37be6"
last-modified
Tue, 08 Nov 2022 01:16:39 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront)
x-amz-cf-id
liwOMPmgXT7yaCU48-jT10SAoNvd-iVZlbvVTws2jD-K_aFCuIrH_w==
x-amz-cf-pop
CDG52-P2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b53fbd2f-551a-488c-a424-2e86d2c8da6f
x-amz-meta-codebuild-content-md5
1392d0a0af229d92a17f00e1ea0d9335
x-amz-meta-codebuild-content-sha256
ebfa1f961263d3afe7dd71dd9b123dfd9a7fb454041f01580b85f67111a14543
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 8E30 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
1050
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
767d282eb912a93b-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 07:43:23 GMT
expires
Thu, 10 Nov 2022 11:43:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 20FB 		533 B
637 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0b3312a7bddc7e21cf8f08f2b6ba5dad959d4a5820712dd134638dab9f2d322e

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Thu, 10 Nov 2022 07:43:23 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 9549 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 07:43:24 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3BBF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.199 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 10 Nov 2022 07:43:24 GMT
ETag
"623de86a-cf34"
Expires
Fri, 11 Nov 2022 07:43:26 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame A5F1
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPnirxurNhFKOwzzNbj2h70&google_cver=1&google_push=ASkJ3Fa53EY6OMnQJjxhCTbAVKilYiB7VZYxwAXDRMOoVt7g_p8MIscmMRwOcszdlj0qhPVieESC2...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3Fa53EY6OMnQJjxhCTbAVKilYiB7VZYxwAXDRMOoVt7g_p8MIscmMRwOcszdlj0qhPVieESC2FC0fzi28rrBiSp6wFW7xHfFtS-3j5CMxogxjVOzebKZmntEooi1W4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3Fa53EY6OMnQJjxhCTbAVKilYiB7VZYxwAXDRMOoVt7g_p8MIscmMRwOcszdlj0qhPVieESC2FC0fzi28rrBiSp6wFW7xHfFtS-3j5CMxogxjVOzebKZmntEooi1W4Nd55UOiep3eQRZfwV6nkvV5O8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 07:43:23 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 8C88B8F06D184B04859C519E91C1860A Ref B: SYD03EDGE1619 Ref C: 2022-11-10T07:43:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3Fa53EY6OMnQJjxhCTbAVKilYiB7VZYxwAXDRMOoVt7g_p8MIscmMRwOcszdlj0qhPVieESC2FC0fzi28rrBiSp6wFW7xHfFtS-3j5CMxogxjVOzebKZmntEooi1W4Nd55UOiep3eQRZfwV6nkvV5O8
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtGO2OKYipj5eBr1MIzA==
sync
gdn.socdm.com/rtb/ Frame A5F1
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEH1Baf-Q8YIVb_3LEUl0q3Q&google_cver=1&google_push=ASkJ3FaPa1cqCOCWZNUTz8y1YSNinf7ZBDhmG5LDW0yoCyMra_qZqW9pf8deIY0tg5did...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTJ5cm5NQ284WFVBQURNcUxsNEFBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEH1Baf-Q8YIVb_3LEUl0q3Q&google_cver=1
43 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEH1Baf-Q8YIVb_3LEUl0q3Q&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Server
124.146.215.3 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 07:43:25 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEH1Baf-Q8YIVb_3LEUl0q3Q&google_cver=1","cluster_id":48,"gdpr":false,"ipv4":"116.90.74.196","key":"Y2yrnMCo8XUAADMqLl4AAAAA","privacy_sensitive":false,"uid":"Y2yrnMCo8XUAADMqLl4AAAAA","upstream_id":"m-ad304"}
X-SO-Key
Y2yrnMCo8XUAADMqLl4AAAAA
X-SO-Upstream-ID
m-ad304
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad304.dc4p.scaleout.jp
X-SO-UID
Y2yrnMCo8XUAADMqLl4AAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
116.90.74.196
X-SO-Cluster-ID
48
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
5
X-SO-LB-Hostname
m-ng15.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEH1Baf-Q8YIVb_3LEUl0q3Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A5F1
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEF7PGIgiMHhYk426gEkaFEg&google_cver=1&google_push=ASkJ3FZACjRgBH9dWeccH7LEImYZ16hHX30Z9hqhDnbGzNEbfRoa2Gu_EthuxP8ZaUtfx3VdjizAfLMXb9zxDx9XP6bgBm3oo1lAU...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZACjRgBH9dWeccH7LEImYZ16hHX30Z9hqhDnbGzNEbfRoa2Gu_EthuxP8ZaUtfx3VdjizAfLMXb9zxDx9XP6bgBm3oo1lAUOmNBs9tQhjQ7Yiwijx50rGF7j6NUpRPmu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZACjRgBH9dWeccH7LEImYZ16hHX30Z9hqhDnbGzNEbfRoa2Gu_EthuxP8ZaUtfx3VdjizAfLMXb9zxDx9XP6bgBm3oo1lAUOmNBs9tQhjQ7Yiwijx50rGF7j6NUpRPmudrg8Dt3asyOUaC-lw-J5c&google_hm=yvpaLHslzWwWXwB2LoL9Zw==
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:22 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZACjRgBH9dWeccH7LEImYZ16hHX30Z9hqhDnbGzNEbfRoa2Gu_EthuxP8ZaUtfx3VdjizAfLMXb9zxDx9XP6bgBm3oo1lAUOmNBs9tQhjQ7Yiwijx50rGF7j6NUpRPmudrg8Dt3asyOUaC-lw-J5c&google_hm=yvpaLHslzWwWXwB2LoL9Zw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
nn5fgq8991olckft99fuvt3fjhe036eu
pixel
cm.g.doubleclick.net/ Frame A5F1
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEHjIP_RGXK819H26k730x_U&google_cver=1&google_push=ASkJ3FYY2aPf1r4-fN-Cpda2l_DoUbGWGOiayVlLgCQybFsE3oHWCPCFOeiROdrC4GsBh-_7-L0rQBAMlbMV4H_Elvh_...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FYY2aPf1r4-fN-Cpda2l_DoUbGWGOiayVlLgCQybFsE3oHWCPCFOeiROdrC4GsBh-_7-L0rQBAMlbMV4H_Elvh_JoY6IgxKEOKjngq81Vvawmf8wiqeRK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FYY2aPf1r4-fN-Cpda2l_DoUbGWGOiayVlLgCQybFsE3oHWCPCFOeiROdrC4GsBh-_7-L0rQBAMlbMV4H_Elvh_JoY6IgxKEOKjngq81Vvawmf8wiqeRKyzBYrj6fc8waqpFJLaXwRzZ7qcYcqOwg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FYY2aPf1r4-fN-Cpda2l_DoUbGWGOiayVlLgCQybFsE3oHWCPCFOeiROdrC4GsBh-_7-L0rQBAMlbMV4H_Elvh_JoY6IgxKEOKjngq81Vvawmf8wiqeRKyzBYrj6fc8waqpFJLaXwRzZ7qcYcqOwg
date
Thu, 10 Nov 2022 07:43:24 GMT
server
nginx
pixel
cm.g.doubleclick.net/ Frame A5F1
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGdxK1w9rZ2sH-OXZoh3qfM&google_cver=1&google_push=ASkJ3FbOUc-_8a0tjREbP0JoTrx3bfhRBFH7kSjx4JeEVDHIyhJbXuT4cvdMMjZx6JCSO7_BJnJ9UsUus9EDCWem3ZbrGgy4szK...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbOUc-_8a0tjREbP0JoTrx3bfhRBFH7kSjx4JeEVDHIyhJbXuT4cvdMMjZx6JCSO7_BJnJ9UsUus9EDCWem3ZbrGgy4szK3bB2nEX2TRrSaQGfzD4U-zMOXTddEqH3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbOUc-_8a0tjREbP0JoTrx3bfhRBFH7kSjx4JeEVDHIyhJbXuT4cvdMMjZx6JCSO7_BJnJ9UsUus9EDCWem3ZbrGgy4szK3bB2nEX2TRrSaQGfzD4U-zMOXTddEqH3mES4Ld80Knd30hogWcG_kqqk&google_hm=ZzQxMDgwNjdhMTk3Y2YyZDgzMWY=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbOUc-_8a0tjREbP0JoTrx3bfhRBFH7kSjx4JeEVDHIyhJbXuT4cvdMMjZx6JCSO7_BJnJ9UsUus9EDCWem3ZbrGgy4szK3bB2nEX2TRrSaQGfzD4U-zMOXTddEqH3mES4Ld80Knd30hogWcG_kqqk&google_hm=ZzQxMDgwNjdhMTk3Y2YyZDgzMWY=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame A5F1
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEJaGKqhSHcw1RTmNSMUvx4Q&google_cver=1&google_push=ASkJ3FYCrWqmF6lgtBTlw0Pcn5Uw-HzpoWEiMv50vfyLidTGC2TqlCyXxbvuFxaTnRCAaih-6zhBlz3LSTlsmfttH4EIdifDxO_iUnEq...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DASkJ3FYCrWqmF6lgtBTlw0Pcn5Uw-HzpoWEiMv50vfyLidTG...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOpKO80yO7jfZI2QyGbFO19nk0PZETU1se_YpoWA&google_push=ASkJ3FYCrWqmF6lgtBTlw0Pcn5Uw-HzpoWEiMv50vfyLidTGC2TqlCyXxbvuFxaTnRCAaih-6zhBlz3LSTlsmfttH4EI...
  • https://cm.g.doubleclick.net/pixel?google_hm=9aCHoMJbErMJyBFxIS18&google_push=ASkJ3FYCrWqmF6lgtBTlw0Pcn5Uw-HzpoWEiMv50vfyLidTGC2TqlCyXxbvuFxaTnRCAaih-6zhBlz3LSTlsmfttH4EIdifDxO_iUnEq6JSFPSZ6T314sKu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=9aCHoMJbErMJyBFxIS18&google_push=ASkJ3FYCrWqmF6lgtBTlw0Pcn5Uw-HzpoWEiMv50vfyLidTGC2TqlCyXxbvuFxaTnRCAaih-6zhBlz3LSTlsmfttH4EIdifDxO_iUnEq6JSFPSZ6T314sKubPP9lHu3sR6dLjGlzKxM_9LRyID1WSiP8X50&google_nid=inmobi_new_eb
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 07:43:26 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=9aCHoMJbErMJyBFxIS18&google_push=ASkJ3FYCrWqmF6lgtBTlw0Pcn5Uw-HzpoWEiMv50vfyLidTGC2TqlCyXxbvuFxaTnRCAaih-6zhBlz3LSTlsmfttH4EIdifDxO_iUnEq6JSFPSZ6T314sKubPP9lHu3sR6dLjGlzKxM_9LRyID1WSiP8X50&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
280
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame A5F1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEE41RIxNdufUX_Fq5qxzvfI&google_cver=1&google_push=ASkJ3FZ79ZQVJfo49nuQwqZVMxWO-IlOIR1Kwus1RcvmTPaIVQuc5GjXTecgqoXq8x5JWJHP2YI5o...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEE41RIxNdufUX_Fq5qxzvfI&google_push=ASkJ3FZ79ZQVJfo49nuQwqZVMxWO-IlOIR1Kwus1RcvmTPaIVQuc5GjXTecgqoXq8x5JWJHP2YI5o...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ79ZQVJfo49nuQwqZVMxWO-IlOIR1Kwus1RcvmTPaIVQuc5GjXTecgqoXq8x5JWJHP2YI5ozbxcKe5SCFJnuj8scu0-53ZY0ZIknhGlCifgLacB6aFzeM9Cov...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ79ZQVJfo49nuQwqZVMxWO-IlOIR1Kwus1RcvmTPaIVQuc5GjXTecgqoXq8x5JWJHP2YI5ozbxcKe5SCFJnuj8scu0-53ZY0ZIknhGlCifgLacB6aFzeM9Cov67YRZHGK003Yu0FaJigJrXOhvUA9K&google_hm=WmtNUy1ma0ZfbG1sWWJkZ3dPMVY=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:24 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FZ79ZQVJfo49nuQwqZVMxWO-IlOIR1Kwus1RcvmTPaIVQuc5GjXTecgqoXq8x5JWJHP2YI5ozbxcKe5SCFJnuj8scu0-53ZY0ZIknhGlCifgLacB6aFzeM9Cov67YRZHGK003Yu0FaJigJrXOhvUA9K&google_hm=WmtNUy1ma0ZfbG1sWWJkZ3dPMVY=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
296
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A5F1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IT-xnuZXHdeBwx9OsfWdkp1mHkF-SFQ_AYGzN-Xwhb4nT07MO_kVg9oNZ7rqphMA29yZbahjg
Requested by
Host: 6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
URL: https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame DD3E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 06:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 06:41:41 GMT
file.mp4
r4---sn-ntq7yns7.c.2mdn.net/videoplayback/id/8f877c055b2c8c49/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699602203/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame DD3E
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/8f877c055b2c8c49/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699602203/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r4---sn-ntq7yns7.c.2mdn.net/videoplayback/id/8f877c055b2c8c49/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699602203/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-ntq7yns7.c.2mdn.net/videoplayback/id/8f877c055b2c8c49/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699602203/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/83D1B464349D1379757CA7D9715C42433CDE058C.62782B29063FEB45A41073E9507FD67AD1178C84/key/cms1/cms_redirect/yes/mh/lW/mip/116.90.74.196/mm/42/mn/sn-ntq7yns7/ms/onc/mt/1668065804/mv/m/mvi/4/pl/24/file/file.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Server
74.125.152.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s30-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 07:43:24 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1637836
Last-Modified
Wed, 23 Mar 2022 20:50:13 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 10 Nov 2022 07:43:24 GMT

Redirect headers

date
Thu, 10 Nov 2022 07:43:24 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
642
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
location
https://r4---sn-ntq7yns7.c.2mdn.net/videoplayback/id/8f877c055b2c8c49/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699602203/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/83D1B464349D1379757CA7D9715C42433CDE058C.62782B29063FEB45A41073E9507FD67AD1178C84/key/cms1/cms_redirect/yes/mh/lW/mip/116.90.74.196/mm/42/mn/sn-ntq7yns7/ms/onc/mt/1668065804/mv/m/mvi/4/pl/24/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DD3E 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~laarjrup&c=1394850335265&slotId=697425167632.5&qqid=COqz7-qOo_sCFbqI2AUdvkoLNg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=676&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.2ee
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.204.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ti-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 20FB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7899739521075907908&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7899739521075907908&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7899739521075907908&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 10 Nov 2022 07:43:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 20FB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=15acd010-d2a3-7442-f02b-4cc1fd9bc7dd&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=15acd010-d2a3-7442-f02b-4cc1fd9bc7dd&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&ttd_puid=15acd010-d2a3-7442-f02b-4cc1fd9bc7dd&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&ttd_puid=15acd010-d2a3-7442-f02b-4cc1fd9bc7dd&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&ttd_puid=15acd010-d2a3-7442-f02b-4cc1fd9bc7dd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 20FB
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2yrnMCo8YoAACKuChcAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2yrnMCo8YoAACKuChcAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
62
Date
Thu, 10 Nov 2022 07:43:24 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":62,"gdpr":false,"ipv4":"116.90.74.196","key":"Y2yrnMCo8YoAACKuChcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad382"}
X-SO-Key
Y2yrnMCo8YoAACKuChcAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad382
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y2yrnMCo8YoAACKuChcAAAAA
Cache-Control
private
X-SO-HostName
m-ad382.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng38.dc4p.scaleout.jp
X-SO-IP
116.90.74.196
sd
jp-u.openx.net/w/1.0/ Frame 20FB
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdhvWWm5zX9Bks8ADv_jFMtnTs8AAAGEYH5cdA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdhvWWm5zX9Bks8ADv_jFMtnTs8AAAGEYH5cdA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
via
1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdhvWWm5zX9Bks8ADv_jFMtnTs8AAAGEYH5cdA
cache-control
no-cache
content-length
0
x-amz-cf-id
WpHmX5NDztZVbwG9IaHxc5Su4pyYq92G3tIQWJUZJhDrPdo06VJQ6w==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 20FB 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzljMzAzZGEtMWJkNC0yYWU2LWU1Y2ItMTY3ODM3NzkwOWJk
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 20FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBRi6L7o757dsMLUFu6rMW0&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBRi6L7o757dsMLUFu6rMW0&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBRi6L7o757dsMLUFu6rMW0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 9180 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
89495
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 06:51:49 GMT
expires
Thu, 09 Nov 2023 06:51:49 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usermatch
ssum-sec.casalemedia.com/ Frame AD67
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a7c85b52c1d0cc548e1b85f34484a75b899a5bb75a07ccbe1944f81c34210d6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
767d28343a77a882-SYD
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 07:43:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZ%2BRSEdIuchA96ls3l0T4V4FtdZZSh98ntP0JVtlxCH06b9KvC8064rUB%2BeOpyAIunsOyouwM7Q9myhAcDRbNSUaQh5nDSsycmeFiaMN3QXKVVLjjMmnQsldCjjycoyoMysXs3M00m2uEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
767d2831ad69a894-SYD
content-length
0
date
Thu, 10 Nov 2022 07:43:24 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbX3zTab%2FEkcSuj9LWuIcYEuPTdjOHal8XuywNhCwTOOZJbLgS9vQ9EJn4jAsfWtVS5fUU28YMSA7QfvMgAebYt%2BLFXa8S9QYNKom20Oh%2FihuE0djkEtzTWQTXCIfJSe5yrsJtYPZYWhjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 9180 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:47:51 GMT
/
onetag-sys.com/match/ Frame 151B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=f21c636c-ab9c-4800-a9ef-096eb7353973&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=f21c636c-ab9c-4800-a9ef-096eb7353973&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 07:43:24 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=f21c636c-ab9c-4800-a9ef-096eb7353973&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 07:43:23 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 151B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 151B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=82151895700031269
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=82151895700031269
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 07:43:24 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
43c1d189-2ad4-4933-bca5-e95e6a9c8922
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=82151895700031269
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 151B 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=OF7YKaDuU_OvINIathxme8A-d57QwlUL0oyw1Vi7l5Y
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 151B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGB-WxGAaixd4FFxO8fbeq4nsL0sEZY2mA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGB-WxGAaixd4FFxO8fbeq4nsL0sEZY2mA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGB-WxGAaixd4FFxO8fbeq4nsL0sEZY2mA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 151B 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:24 GMT
content-length
0
/
onetag-sys.com/match/ Frame 151B
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCJzXspsGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Thu, 10 Nov 2022 07:43:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 151B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ieedz1eVSTuPwT6-jxzKRcOFRRP-IjUN2NzzqYvR6WE
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ieedz1eVSTuPwT6-jxzKRcOFRRP-IjUN2NzzqYvR6WE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q8VZRJRH4S3P4KYVA179
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ieedz1eVSTuPwT6-jxzKRcOFRRP-IjUN2NzzqYvR6WE
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 151B 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:24 GMT
content-length
0
/
onetag-sys.com/match/ Frame 151B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMRarS-N5C10YkwELMgSXvY&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMRarS-N5C10YkwELMgSXvY&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMRarS-N5C10YkwELMgSXvY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 151B 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 151B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 151B 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668066199911
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 07:43:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 00F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221108&jk=522746669676293&bg=!sLOls_fNAAbvMpMzzzI7ACkAdvg8WjyaWRaEMeCiS5w0rh_nTiwvUxD_M_ToRUlYvyNr1tdWWzjAvwIAAADDUgAAAAJoAQcKAMd-OXxQpWCxoXIc9coA06XUn9BLzn9-h-BJyFAFtFKEoXhXrPpxcczvR17m94Vmx-C24rKYUacPYLaDNixO1RslFXZh2nx6QuGCYGa4-JDwgEtdk3EKLTftvFh5rXnuCtp6AvzGH9Vv2SIPOPkM_W_Ye2ZH3VCyRINiO-ejYiiWbCF_ckwZPC5FNMt00RRPQoCy1HRN0DXgewCU41bpz5MELNkOEg65QqT6rss1O2MlM4ctfmEUhWQsex8TN9pqIZ8t1CP2tchgmQKs1H2qBozJ5zHeL1ij-zZiADHd4Wl5QAhrR9Nso7jV1_V85tvXl5XG-UTPPLnLFE6ltKU9q_TabkL-beaPXzoM_aNQAXhw7BIYb7TQ7lfR9m_jSMJpZVOMjSs-d6mUkwgGwQk-5tf608wLOVlOJIosJUqzOZfKmcx_gxNHnvrwL-izoH4yezUw1WhgwbJdS11-yasRIUjS6KuY-XgE4LjsnRVb-Xop9h7i_tN6zP-7twF8HJTT1mIC4n37Bdb6Uf7rzprn3D-p9bgKibK-wRV9s_fPHuwx8TUJIkHMeEIqHP_WlEkpOAeRcmFbE2MrmrYh0kDn1uJMqp29RlyjV9r0VzA1WLa5wfR4w7lKS3NLFx6sJ0_MgnoLk_-U3vrz9ENj5M9fuUp_j0LpTRdn_X7Ze_J4hW6XAw9s4P5pVKJT2F8LJIqKZ54cm_a1PVetZwFfUZubfeR56Zbqv1AsBB5_6KTyFHIupr1R6SOwjwTs0gzckwZRB6tB4A103D-UxtvQcFDvphHDT7BX0FHLCfUVP68lcgVljZWZWibGdh0QvU5cYpOyXaYjPqwZCrWsx_NBbaqOclpUAlA7vAhD4ym4SBur1HtPVONiJgXxqs1-aegx4P_01Y_WbWoERv29YkuGoMadjAi4moHmxdO0KJAPSTC1KOy4v5xId4AAcVAoeCGB7bVFpro-s4teo1kn3HUoPHTtjfA_pmczia0__QWoi7GjBuli6echaj9JuqStW25pdRxmUee7kf3a0Ubd27HkMB_dTgG2HQesMNE853gh_VufmAqZk9BV2boqFhfeEc7onlata58jwddaowxzEO_JPwFVBuFgK66q51Tnp_j8fffRswzesqUmQyETipoltzru8t71hwDtQopZ5uVMCnuNSjx0dJtSiy7FZdve
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D071 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221108&jk=1547193011255633&bg=!Pj2lPXnNAAbvMpMzzzI7ACkAdvg8WoDbAYRQyti8YQax5sdYKIhD95-dGidu8XdI74HKrD6SYKruIgIAAADEUgAAAAJoAQcKAItE3dwZzr7O5pXuErJhOZeOT_ziFs2soDvvUJEBe-A_mvxt2iRGUqYfqXYz8GjejNb5dSscwSyA-e7OgjBb0ueKshdIFldwH62qDHqD3QoELwBGOal-cKyVxm2H4wtmzRy0idBehgYCRXm4QcQ4YDxdg7DrEuAyiCL3NxwAiA6yhBexIck0VYLYdiexmQK14tESk9A2_8Hb9HyT5zfw2V-0ol-pzD35xxR-ZRMbuXa6HjhwY7ehDermCdFKtOTL_vd1mgZBtfkVresXVUny8eHO2po8oARhEg2LfNv4uIDKPl88jZzSB1BT1idwCI5kpJQ0hLdxzhXVo20WcnGtuXM6yO-R4_4Qzj0whXctqqeOQgG3w7u74e01fe6M8FLsDpKBLDJuGhUA_xe7e6oWHQ6iJ7ZImAO31Jub3pGfw_YTp9N7YA0iSjsWutoZciKHmYHCP5WbCvidZZmolBkfxFuew85KAvdo3CkILVhDwJrs-j6ff9UwdoCyQ0jzeKiJe4q6EDm62mfO6FbEq-KhFpF3J14TV5P173lb-GfmAUg9Jxm2mQOhCqvOb07iePhkUmMq4i4_5S49Rj8X6uT6Hrb4HMFeUqEj1OAVhE9QCzJ_3TQNAoKD0_5y82mor4kn8g1qnZ7z23Gu7Eu4U2aKndFnye3m2FuQ6L7vLE7Hz8wGxi0XMYeU8D7gvPBZIdAXnfFW1vaGONVgHiGFUsC8WUipB9Hhh5IjstooFSf9yqY_anOibvt55Iqry5jtrZH8Sed8N72RpEEc6KA3KFGrTjqWS0bs6ZC2fbSfmOxbfmio4cENeN3UsuMgVd-vjGsvN-EVbE3S1mEzo59y0hOv9tc3JO5WbpGqc8gfqKe2e0Gm6C1svWf16uPsbt9VYo4WCgJ2X28UXwZ-4VhzfXpbzU-wZeOUSKSl0JBT9PYoRYfST4-7dcyf7pGlIqB9DvvG4TfHRrFujg0-aErO5gb6c8Sb9EvbVn-Uz_ozvb32v8uQ4N_PNA62PZ16uVeGQimT-jGyi4-LxZfIyEkGs699wFHfftzM-3sb5uNBprcIuFKAAIBxL_ys8cAH9YRYwcuDDSptpz3q8Ro1aXhwT0wXVuldUeu5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 9549 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dd95d6a50c1ce65fdb92bc63c64046981f475f5913d423a938b127f0a98e8d60

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 07:43:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 05:17:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77640
Connection
keep-alive
Content-Length
9884
Expires
Fri, 11 Nov 2022 05:17:24 GMT
sync
gum.criteo.com/ Frame C583 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
392976
expires
60
usync.html
eus.rubiconproject.com/ Frame A460
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 07:43:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 07:43:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 493D
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Drkt%26refUrl%3D%26vid%3D806620444931106780474436970...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110678047443697000V10&type=rkt&refUrl=&vid=80662044493110678047443697000V10&ovsid=1917759394693106554
219 B
652 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3110678047443697000V10&type=rkt&refUrl=&vid=80662044493110678047443697000V10&ovsid=1917759394693106554
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Thu, 10 Nov 2022 07:43:25 GMT
expires
Thu, 10 Nov 2022 07:43:25 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 10 Nov 2022 07:43:25 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3110678047443697000V10&type=rkt&refUrl=&vid=80662044493110678047443697000V10&ovsid=1917759394693106554
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2C73 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dpba%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107972
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 07:43:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 11 Nov 2022 13:42:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame C583
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dapx%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=apx&refUrl=&vid=80662044493110678047443697000V10&ovsid=82151895700031269
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=apx&refUrl=&vid=80662044493110678047443697000V10&ovsid=82151895700031269
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 07:43:24 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 07:43:24 GMT

Redirect headers

Date
Thu, 10 Nov 2022 07:43:24 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fd740a05-628b-4cc2-b57e-09706be4e0e8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=apx&refUrl=&vid=80662044493110678047443697000V10&ovsid=82151895700031269
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame C583
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110678047443697...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110678047443697000V10&type=opx&refUrl=&vid=80662044493110678047443697000V10&ovsid=dd80b98f-79a3-4ea2-9364-32af4f745501
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3110678047443697000V10&type=opx&refUrl=&vid=80662044493110678047443697000V10&ovsid=dd80b98f-79a3-4ea2-9364-32af4f745501
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 07:43:25 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 07:43:25 GMT

Redirect headers

date
Thu, 10 Nov 2022 07:43:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3110678047443697000V10&type=opx&refUrl=&vid=80662044493110678047443697000V10&ovsid=dd80b98f-79a3-4ea2-9364-32af4f745501
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame C583
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dmma%26refUrl%3D%26vid%3D806620444931106780474436...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=mma&refUrl=&vid=80662044493110678047443697000V10&ovsid=57d5636c-ab9d-4000-a033-439ce896aa9d
45 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=mma&refUrl=&vid=80662044493110678047443697000V10&ovsid=57d5636c-ab9d-4000-a033-439ce896aa9d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 07:43:25 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 07:43:25 GMT

Redirect headers

Date
Thu, 10 Nov 2022 07:43:25 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x5 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=mma&refUrl=&vid=80662044493110678047443697000V10&ovsid=57d5636c-ab9d-4000-a033-439ce896aa9d
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 07:43:24 GMT
sync
ads.servenobid.com/ Frame C583
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dr1%26refUrl%3D%26vid%3D80662044493110678047...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dr1%26refUrl%3D%26vid%3D80662044493110...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5330125437
  • https://sync.1rx.io/usersync/tradedesk/bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
  • https://sync.targeting.unrulymedia.com/csync/RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004
  • https://ads.servenobid.com/sync?pid=321&uid=RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004
date
Thu, 10 Nov 2022 07:43:27 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0fc6eb3f40764ab7852d3af5222d0db4004
content-type
text/html
cksync
cs.media.net/ Frame C583
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzExMDY3ODA0NzQ0MzY5NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEDYRFSqkmqPoWlMsH2RM80Y&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEDYRFSqkmqPoWlMsH2RM80Y&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:25 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Thu, 10 Nov 2022 07:43:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEDYRFSqkmqPoWlMsH2RM80Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame C583
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80662044493110678047443...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80662044493110678...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=dxu&refUrl=&vid=80662044493110678047443697000V10&ovsid=ceewYElP1OT2dD5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=dxu&refUrl=&vid=80662044493110678047443697000V10&ovsid=ceewYElP1OT2dD5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 07:43:25 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 07:43:25 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0be4466892d3f37f0@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3110678047443697000V10&type=dxu&refUrl=&vid=80662044493110678047443697000V10&ovsid=ceewYElP1OT2dD5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame C583 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
159620
expires
Thu, 10 Nov 2022 00:00:00 GMT
sync
visitor-fra02.omnitagjs.com/visitor/ Frame C583
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=555dc689-7fb0-4275-89a6-380ad5b649a9&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171249703&expires=5
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=b0e07e9c-6179-41d6-a78b-e576e8089484&name=BIDSWITCH
  • https://visitor-fra02.omnitagjs.com/visitor/sync?name=BIDSWITCH&uid=2a62ca3297af454b8f19eb7922ed945f&visitor=b0e07e9c-6179-41d6-a78b-e576e8089484
0
0
cksync.php
contextual.media.net/ Frame C583
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Dzem%26refUrl%3D%26vid%3D80662044493110678047443697...
  • https://stags.bluekai.com/site/23178?id=ZkMS-fkF_lmlYbdgwO1V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2NNGVGLLGNNDF63DNNRMWEZDHO5HTC...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=ZkMS-fkF_lmlYbdgwO1V&refUrl=&type=zem&vid=80662044493110678047443697000V10&vsid=3110678047443697000V10
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=ZkMS-fkF_lmlYbdgwO1V&refUrl=&type=zem&vid=80662044493110678047443697000V10&vsid=3110678047443697000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 07:43:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 07:43:26 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=ZkMS-fkF_lmlYbdgwO1V&refUrl=&type=zem&vid=80662044493110678047443697000V10&vsid=3110678047443697000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame C583
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3110678047443697000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3110678047443697000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=4e8432a4-d7cd-4488-a9e7-725aa7756d87&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=4e8432a4-d7cd-4488-a9e7-725aa7756d87&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 07:43:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 07:43:26 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=4e8432a4-d7cd-4488-a9e7-725aa7756d87&cs=1
Date
Thu, 10 Nov 2022 07:43:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame C583 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110678047443697000V10%26type%3Demx%26refUrl%3D%26vid%3D80662044493110678047443697000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.112.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-112-43.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame C583
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:25 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Thu, 10 Nov 2022 07:43:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
xuid
eb2.3lift.com/ Frame 10CB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&dongle=0cfd
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 07:43:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 10CB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTkxMTA0NTE4MjkwOTUzNjIyMjY%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 10CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBUKi4ZBZd9EKkAl8oQutnY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBUKi4ZBZd9EKkAl8oQutnY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 07:43:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBUKi4ZBZd9EKkAl8oQutnY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 10CB
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTkxMTA0NTE4MjkwOTUzNjIyMjY%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTkxMTA0NTE4MjkwOTUzNjIyMjY%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTkxMTA0NTE4MjkwOTUzNjIyMjY%3D
date
Thu, 10 Nov 2022 07:43:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 10CB
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=19110451829095362226&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=19110451829095362226&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5541c7f8-5965-4114-b955-2cfc98cbcdee&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5541c7f8-5965-4114-b955-2cfc98cbcdee&_noobservation=1&_expected_cookie=5ad02cf...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5541c7f8-5965-4114-b955-2cfc98cbcdee&_noobservation=1&_expected_cookie=5ad02cf8ace0a3cd796118e7b9f96d64
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.101.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Thu, 10 Nov 2022 07:43:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
767d283a3df3a894-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5541c7f8-5965-4114-b955-2cfc98cbcdee&_noobservation=1&_expected_cookie=5ad02cf8ace0a3cd796118e7b9f96d64
date
Thu, 10 Nov 2022 07:43:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
767d2838bc12a894-SYD
content-length
0
xuid
eb2.3lift.com/ Frame 10CB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=19110451829095362226&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=19110451829095362226&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7824899847300015785&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=b0e07e9c-6179-41d6-a78b-e576e8089484&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=b0e07e9c-6179-41d6-a78b-e576e8089484&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 07:43:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=b0e07e9c-6179-41d6-a78b-e576e8089484&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 10 Nov 2022 07:43:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 10CB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/19110451829095362226?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-EkCT3AhE2oSf3l_Pdi672WIEqNw89THMgfoefFRQ_A--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-EkCT3AhE2oSf3l_Pdi672WIEqNw89THMgfoefFRQ_A--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 07:43:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 10 Nov 2022 07:43:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-EkCT3AhE2oSf3l_Pdi672WIEqNw89THMgfoefFRQ_A--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 10CB
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=19110451829095362226
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=19110451829095362226&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=19110451829095362226&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BV5R6R89WM61ZMASKTQ2
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=19110451829095362226&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 10CB 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=19110451829095362226&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 28BCF20EFD6F4A36B4987005A882771E Ref B: SYD03EDGE0808 Ref C: 2022-11-10T07:43:24Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 10CB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=82151895700031269&dongle=4d58&gdpr=0&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=82151895700031269&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 07:43:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 10 Nov 2022 07:43:24 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1940acc8-7b21-4a67-9300-cb3904e6da88
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=82151895700031269&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9180 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B2SB_m6tsY-SwHb3crtoP_NCf0AoAAAAAOAHgBAI&bg=!QEOlQwfNAAbvMpMzzzI7ACkAdvg8WtP0buAuiAAg67fGxYaBlj7V92eIP5g3kC6XvZJVOxDK5u19cQIAAABaUgAAAANoAQeZAumdqyB2GVs7dltUADfjdk_Y_4Zvkbvc4imdnp-9Fbme-VG9033jxeae0xBH3HN0tKfrlxts_N8ukOVfc-CJaj5f-1BgQ596xutXIuNbIkuhvfdvGhjv7ad3WdsaakyAlQsgY8bMLIk9v_VOHVz0-IuijJXfuUatiZhp6y7aiAhwhiYAF3WsQuOBZwtug5WFTDMVrc7t2FrhXcYKC-3N5DYSebssg0cqG4SvZuqdQU47sA1oGr2Nyz5iuanUkBxYVjw4duqMafDkC0I8-nBW9zcDM4FvJv-e0bbO-rpz-ywr89UMMVG5uTqw4rgc20xSZv5EEVP8QFZuJRtoQwtFv9DtLlgavBkPwmmgCH6qWKngKbHn1rQUUdDJIZqIAU0MvAd2AiH6Es_PQqDAaTj94fWA8N43wp7PR8hWxvLbdueo0UjyUffyjsCOBm6max_4nXNz0dnYPeLJIhAxKQX8_ga1xnhNG93ZmIgmwXDpSD6Z-rHuSL8sAi6-IZYGLtPo4y0gM4GFud9SC2LTnytkRdeENxE2heOsoxAhbaTZWMSjGxr80ISNsqk28I1YKCOxk6K0YZAfdL7lgx4eXGuzW1kMpQ9P7oCXZp4ArJRkTzBRoQdpMeeN6dGMzOzk1HeIiJiAurZtbfJiNnb8C_T29an71OcQbtOEE3jgVSU4VntIdBKdUHlUf30sueMFBzIx0eNpJJdcI5SrapqwwQ5J8hvk8SukVeLEykzPNNtepUTGsRFGl1_0lBzLasiTvCIA-k4LKlGwkBgu_U2SffM13UwCfrc1AIIu7_Km7JkkY36UqaEh6XgB0Cfxvw3CWo2ml4bNqD-Fccpir8QlfWyjc-LFlmoGUTYs4axSatKtotvS3MYvdHklvooJnhUUAEeEhk0WXiit0-q9nO_owGPl2XK_J2vhHL7cGaVArW339ncrKvmejpCYlZoItGz4MBKP1np8vUVrIX8GDDHjMf6GAjRaZM-cuQ-J0AF8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3BBF 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:24 GMT
AN-X-Request-Uuid
c13834e8-acbc-41b5-b54f-b51e1ae952e2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame C640 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.159.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-159-169.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a34bc6bcfdeda323b647255424315cb1a7400f965cbb4f6864e5b3df47b1b4f3

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 10 Nov 2022 07:43:25 GMT
etag
W/"0c1b1078ba4bc0661342e0b564734deab"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 0655 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
79c99facdbf21558c8d7ac207237237fe8f414f5a0cea20ba022fb629836045a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1398
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 8105 		784 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
7eddd9a6cb033f7bf88e3f3bddc84ecb343203f2375d35af34b3578ce8e41474

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
784
content-type
text/html
date
Thu, 10 Nov 2022 07:43:25 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CEE7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
474e40059bfb63735f2ef649ffb7900847549faa1415e401da4e6e2b8b2f3764

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
767d28346aa0a882-SYD
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 07:43:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHAv9GXSkyli%2BiZGf0y%2FY1gDazaNhAYPYb7NRd7Qp3WY8zVpRbPWO5KgeYdm2KbtU6KWf9Un0HKdFeavMvGF5G5kBConi3RcAPK9Yc3%2FBUXNLpuEib4QK1jtgocZUcRUjOghggFNzMSQgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1C19
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 07:43:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 07:43:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E96D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107972
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 07:43:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 11 Nov 2022 13:42:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 9567
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=82151895700031269
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=82151895700031269
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Thu, 10 Nov 2022 07:43:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
89df69f5-44f7-49cc-8fba-afcbad4cfef3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=82151895700031269
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 9567
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FoHPCLZHh5fIimBXQ06ubDv6
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FoHPCLZHh5fIimBXQ06ubDv6
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:25 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FoHPCLZHh5fIimBXQ06ubDv6
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 9567
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FoHPCLZHh5fIimBXQ06ubDv6
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FoHPCLZHh5fIimBXQ06ubDv6
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Thu, 10 Nov 2022 07:43:25 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FoHPCLZHh5fIimBXQ06ubDv6
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 9567
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668066205357
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4109011252
  • https://sync.1rx.io/usersync/tradedesk/bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
  • https://sync.targeting.unrulymedia.com/csync/RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004
  • https://ads.servenobid.com/sync?pid=321&uid=RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-0fc6eb3f-4076-4ab7-852d-3af5222d0db4-004
date
Thu, 10 Nov 2022 07:43:27 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0fc6eb3f40764ab7852d3af5222d0db4004
content-type
text/html
sync
ads.servenobid.com/ Frame 9567
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1917759394693106573
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1917759394693106573
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1917759394693106573
Date
Thu, 10 Nov 2022 07:43:25 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 9567 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 9567
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F20007%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253Dbec707ae-4252-404c-bea1-7aa0cafadbd7%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F20007%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253Dbec707ae-4252-404c-bea1-7aa0cafadbd7%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
date
Thu, 10 Nov 2022 07:43:24 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 9567
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
date
Thu, 10 Nov 2022 07:43:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame 9567
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUqU2h0dHBzOi8vYWRz...
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F29654%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Dbec707ae...
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-3b414a2e-2a15-36c1-b99d-088d49c2221e&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
  • https://ssp.disqus.com/match?bidder=12&buyeruid=FoHPCLZHh5fIimBXQ06ubDv6&r=Cid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUq3wNodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMC8yOTY1ND9nZHByPTAmZ2...
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMj...
0
0
sync
ads.servenobid.com/ Frame 9567
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
date
Thu, 10 Nov 2022 07:43:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame 9549
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8AXhYxbOR6GA2tbngC_VjQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8AXhYxbOR6GA2tbngC_VjQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8AXhYxbOR6GA2tbngC_VjQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FNFPQHEF4N7KWAHTHEMY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8AXhYxbOR6GA2tbngC_VjQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9549
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 9549
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENGPcqcuDf6SHx0-RJ0sEIo&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENGPcqcuDf6SHx0-RJ0sEIo&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENGPcqcuDf6SHx0-RJ0sEIo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9549
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xVGdepTbS4-uN5hHM1Kl0w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xVGdepTbS4-uN5hHM1Kl0w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xVGdepTbS4-uN5hHM1Kl0w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EFCFGPNTZ57J1PYR2P9P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xVGdepTbS4-uN5hHM1Kl0w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9549
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFBUkpQMlQtMUctRVFCUA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFBUkpQMlQtMUctRVFCUA==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFBUkpQMlQtMUctRVFCUA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9549
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZCOqoM_FPtaFeK_HAChH-cn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3275496574277721448
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3275496574277721448
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 10 Nov 2022 07:43:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3275496574277721448
content-length
0
setuid
px.ads.linkedin.com/ Frame 9549
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAARJP2T-1G-EQBP
0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAARJP2T-1G-EQBP
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7304C93A6B6441AB9E1334B38BDD1D65 Ref B: SYD03EDGE1619 Ref C: 2022-11-10T07:43:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtGO2qS0IB2z9SJHSjkA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAARJP2T-1G-EQBP
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9549
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDNiNzljYjE2OWQ4N2FhNzM5YmFhMjZiMTVkZTkxOGQ2NmZhZjAwMQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDNiNzljYjE2OWQ4N2FhNzM5YmFhMjZiMTVkZTkxOGQ2NmZhZjAwMQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDNiNzljYjE2OWQ4N2FhNzM5YmFhMjZiMTVkZTkxOGQ2NmZhZjAwMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
file.mp4
r4---sn-ntq7yns7.c.2mdn.net/videoplayback/id/8f877c055b2c8c49/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699602203/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame DD3E 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-ntq7yns7.c.2mdn.net/videoplayback/id/8f877c055b2c8c49/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699602203/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/83D1B464349D1379757CA7D9715C42433CDE058C.62782B29063FEB45A41073E9507FD67AD1178C84/key/cms1/cms_redirect/yes/mh/lW/mip/116.90.74.196/mm/42/mn/sn-ntq7yns7/ms/onc/mt/1668065804/mv/m/mvi/4/pl/24/file/file.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.152.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s30-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
740fbc6abb0755022063bf4f6be72dfd2b759185dd277f1f0db909dfc225ae7e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 10 Nov 2022 07:43:25 GMT
date
Thu, 10 Nov 2022 07:43:25 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1637835/1637836
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1637836
last-modified
Wed, 23 Mar 2022 20:50:13 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
client-protocol
quic
usermatchredir
ssum-sec.casalemedia.com/ Frame AD67
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0ucNu14KHo5bCZc57SvE8&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0ucNu14KHo5bCZc57SvE8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhCNY7%2Bw%2F90DFoeZ9QPYzbjFrJcwwyrAmbQZY0Lh0NiNWO%2BFCaQ9oNJVj9A1EG1tJ6826PzxpTfrTW2ZIaDoWifPrhiloVHOk4GSh2mHh1gSxrgp6s9l%2Fr7hujgXH%2BAZUuY26USsxGPsXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
767d28377c91a882-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM0ucNu14KHo5bCZc57SvE8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AD67
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&expiration=1670658205&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&expiration=1670658205&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&expiration=1670658205&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame AD67
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y2yrnBf675.BQGUmFgNIngAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOOYwGgtF0r3l1fBHxsnCRg&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOOYwGgtF0r3l1fBHxsnCRg&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOOYwGgtF0r3l1fBHxsnCRg&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame AD67
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B59VF8SPGM69JCFYWMHE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z8T4V3FY6Y5W69N118VV
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
csync.loopme.me/ Frame AD67 		0
0
Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AD67
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
18.142.1.26 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB
date
Thu, 10 Nov 2022 07:43:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
demconf.jpg
dpm.demdex.net/ Frame AD67
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y2yrnBf675.BQGUmFgNIngAA%265313?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2yrnBf675.BQGUmFgNIngAA%265313
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2yrnBf675.BQGUmFgNIngAA%265313
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-170-143.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-07125beb1.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
2yPPHvyGQFU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-010ffe579.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
dEDfsWHbTTo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y2yrnBf675.BQGUmFgNIngAA%265313
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
us.php
gu.dyntrk.com/adx/ie/ Frame AD67 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.106.69.73 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
htw-pixel.gif
cdn.indexww.com/ht/ Frame AD67 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y2yrnBf675.BQGUmFgNIngAA%265313
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
33133
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
767d2837ee97a823-SYD
content-length
43
expires
Fri, 11 Nov 2022 07:43:25 GMT
Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CEE7 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.1.26 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame CEE7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=82151895700031269
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=82151895700031269
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 10 Nov 2022 07:43:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
44e680f3-1288-48d7-b0fc-5281b92d632f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=82151895700031269
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CEE7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f21c636c-ab9c-4800-a9ef-096eb7353973
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f21c636c-ab9c-4800-a9ef-096eb7353973
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 10 Nov 2022 07:43:25 GMT
Server
MT3 162 58fc253 master hkg-pixel-x1 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f21c636c-ab9c-4800-a9ef-096eb7353973
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 07:43:24 GMT
rum
dsum-sec.casalemedia.com/ Frame CEE7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7899739521075907908
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7899739521075907908
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7899739521075907908
pragma
no-cache
date
Thu, 10 Nov 2022 07:43:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame CEE7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6MjTOHNtSvtww2vhhmwXNnRaSsQ
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6MjTOHNtSvtww2vhhmwXNnRaSsQ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=6MjTOHNtSvtww2vhhmwXNnRaSsQ
Date
Thu, 10 Nov 2022 07:43:26 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame CEE7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y2yrnQAAACEclwAW
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2yrnQAAACEclwAW&_test=Y2yrnQAAACEclwAW
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2yrnQAAACEclwAW&_test=Y2yrnQAAACEclwAW
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mel11266-MEL
pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668066206.864524,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y2yrnQAAACEclwAW&_test=Y2yrnQAAACEclwAW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
csync.loopme.me/ Frame CEE7 		0
0
crum
dsum-sec.casalemedia.com/ Frame CEE7
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683704605&external_user_id=b73cf5c5-9ac5-4c8f-aaaf-a30420736b94
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683704605&external_user_id=b73cf5c5-9ac5-4c8f-aaaf-a30420736b94
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Thu, 10 Nov 2022 07:43:25 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1683704605&external_user_id=b73cf5c5-9ac5-4c8f-aaaf-a30420736b94
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
sync
ads.servenobid.com/ Frame CEE7 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0655
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGB-XuQsrDHW_L-nVZFV_4zDlrS_fIWPYg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGB-XuQsrDHW_L-nVZFV_4zDlrS_fIWPYg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGB-XuQsrDHW_L-nVZFV_4zDlrS_fIWPYg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 0655 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame 0655
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=f21c636c-ab9c-4800-a9ef-096eb7353973&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=f21c636c-ab9c-4800-a9ef-096eb7353973&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 07:43:25 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=f21c636c-ab9c-4800-a9ef-096eb7353973&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 07:43:24 GMT
/
onetag-sys.com/match/ Frame 0655
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LAARJP2T-1G-EQBP&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LAARJP2T-1G-EQBP&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LAARJP2T-1G-EQBP&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
/
onetag-sys.com/match/ Frame 0655
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=82151895700031269
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=82151895700031269
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 07:43:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
19b182d2-57f2-422d-bde0-8317ec46dda0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=82151895700031269
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0655 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=ieedz1eVSTuPwT6-jxzKRcOFRRP-IjUN2NzzqYvR6WE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 0655
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=7727628708377415441
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=7727628708377415441
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=7727628708377415441
date
Thu, 10 Nov 2022 07:43:24 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0655
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=4t_61HeVIRJ89wiFNHbBRdtnwUZe8yrmqz3gqDv9yQU
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=4t_61HeVIRJ89wiFNHbBRdtnwUZe8yrmqz3gqDv9yQU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MH38JWEB7A8HJJ0YGDM5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=4t_61HeVIRJ89wiFNHbBRdtnwUZe8yrmqz3gqDv9yQU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 0655
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0IzQUZEQUItNzQxRC00ODg0LTkzMjctNjBBRUJCNTc2RjA3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
date
Thu, 10 Nov 2022 07:43:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 0655
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMRarS-N5C10YkwELMgSXvY&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMRarS-N5C10YkwELMgSXvY&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMRarS-N5C10YkwELMgSXvY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 0655
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
date
Thu, 10 Nov 2022 07:43:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 0655
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
/
onetag-sys.com/match/ Frame 0655
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8651013d-a20b-4489-b92f-ed7279ff94fa&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=b0e07e9c-6179-41d6-a78b-e576e8089484&gdpr=&gdpr_consent=&us_privacy=
0
0
sync
ads.servenobid.com/ Frame 0655 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=ieedz1eVSTuPwT6-jxzKRcOFRRP-IjUN2NzzqYvR6WE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame E96D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1228689&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
01427c02f09a8144495f4db49603a42401be37b060cc0910e2eae66e62015688

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 07:43:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
csi
csi.gstatic.com/ Frame DD3E 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~laarjs51&c=1394850335265&slotId=697425167632.5&qqid=COqz7-qOo_sCFbqI2AUdvkoLNg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=676&mt=video%2Fmp4&vs=854x480&ple=1&umsem=0&event_name=first_play&asset_bytes=193927&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.204.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ti-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIpOqU7I6j-wIVPa5LBR186AeqEAAYACCB_bFVOhoI4Nu_7gIQv_q7xKIEGICvrOEDINT68JHjEEITCOqz7-qOo_sCFbqI2AUdvkoLNg;dc_rmcid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IG...
ade.googlesyndication.com/ddm/activity/ Frame DD3E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpOqU7I6j-wIVPa5LBR186AeqEAAYACCB_bFVOhoI4Nu_7gIQv_q7xKIEGICvrOEDINT68JHjEEITCOqz7-qOo_sCFbqI2AUdvkoLNg;dc_rmcid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IGcU4ZKTy8BGAEgEw;eps=CIBhEAEYHTICigI6AoBA;met=1;acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D49473948%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668066205441;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DD3E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCCUvmKtsY-qHL7qR4t4PvpWtsAPdoPaZbdT68JHjELfLor3AARABILqEwDNgq-yxheAYoAGD3taSAcgBBakCYDFZDRzCoz6oAwHIA5sEqgTsAU_Qu2auuo_ntvApepYH15UemxvHtW-V1H82pQu26pNp_IoyMkZv6mFVN4k6sS8Gn7BKSYuz6Q2LeCU4ovjpbHTYqGXnrI0nPpwg3ud-6rFV1D-ylGVTizOAk3GdwlK-ZUcUeFaUfPZoltL7Ox-u5Q9HJn6ehS6WkcAk7BbBZCEenNsn6MivlZIGSAoV0BS5Fe-SWiUeeCT-6rAcElv3jrC490swO015d_btC-VtuTtpOD9cUkfZsnnnd2_QmaSOoiTrJs6eHdgHm9BDN9U7NTwCj20jQ4HNtCm-TKQzn2MWAoiQ7Hx6T_FwE7sfwAS_-rvEogTgBAOQBgGgBnaAB-Whqe0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAeALAYAMAbAT6e6JEcgTgK-s4QPQEwDYEwqIFA7YFAHQFQH4FgGAFwE&sigh=SC8Fw8UIIfE&label=part2viewed&ad_mt=5&acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D49473948%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668066205441
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DD3E 		0
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsusE7sCN9_R2ljFQI5Pgh6JuFGwQid6_WErf_bKsxVmwd8ztSuNnjgWUC3KcqP3zdQ2blWUY4qObysiaDqZ_oeK3OwEWivTJpNyE5V31aiGDZ1WUgnhqEl86c2uTTNqwfp7iL-VPomiXBCNqumtxrHQFXHyupORWs-2m4LhbPzyUgBOfb0njOBkyGGMLKW5VTyerfTkGvyQveg4FJwJhRO4792bBs88F5k2DCvN-CiJSkyKWLTL2jmgazt76FFP1XLm5ov4y3uJO2c_430rnkBTQmytTPcM831M3DgIDkYLwo6O_yOTFUdQKkTZZhWgoohn3NvlwHrzA3wXGmTK36E8a4JPAw261to4S8yGxQwO_N2fpXS4WxlNRThVZKg_cbdlqV1wpLZmJRVMLnWb0vrzojQEVh8Wp6QPzpZESuLO3wKISiWWYv2MxTOtuyi4cF0Y6dbx1FpA7j-G_-0J04c8uA_G-LnN9I-8ImdvNLKRJBwO2Y5jtZ5UCXffifojgowQlFmzQPiiQuwxyDMmUbAE3AIF8zfaChzfBaAvUEAMS5B1kqw7_PgjKB6MSbc1WQeq1830HHIdj5MyOaMa90koM1tznDoH_6S72Imi0Cy9apUlUHBwp0B0Oz1nYic-wtah4CFDZkE5tBGwz6A4oqxL50v1-pbgCnU6f_qCRzYgfXiKHsUeVTE9SnHQdasLYbVfbT7Mqf1A0qN2GnKS7q_9TxlckFY7rr2gHWDeyNMTPqcRaNIWbipZWstHSaSKSCQjXFS85q6wdobdAPCoR1dJR_p9LwCaQmqN8sBifQM4RTHQ3PXsX9C47sf0c3Ci8bBuX3LES9RUnnoqMzDw4FRRaEb1aBR895eYlta3YW5jI2rMI2mM4Fe7Hmo9y6O1dlcvGu6eb8-3uTe53thkANuDpxYwxrPbPwS3mMF6iA36y22934vMgLZBz2QssAe8BAvt8rU7suS6p-jZGWrkB6NnrrbWfXnhSrppGcs1Gtbkn17VKEurZUqHxUYmqdIkQ3neAMU8yS8jkEEQ0TzknmM-GQaQdxfiVVpiDt81nHN573ko0Ve-BN1fsFexe4NWE8uHdsbCkexHn_CN7C9LdVh2tM26sDREcoDO-tuwwJhf74dgZ7-cBt2rDrm0GDZu2RbiGob0d-604mkM_x1PcZ6HuMWauBJdnXm6JA_EeHQ2Mgw4XI0xfUDwUBkOqNpTu8D_HS1xWt1soZIo&sai=AMfl-YTKSJJed1FhTjMuyGTf8p8FiFeAJQPJ4TKSXQYcw23TEgtxqwcw7jCyXWsdYYiL_pqqQopXxpu6w8qPvsYyt0jDUR_Gth14ypRIejFwTR0QVzf7yILsBo7Ux8yC1963aTBcWOuwoo4FWeAUYW-ebpkjYSKbh_3DfspwiI5Zz4RcVNq93cOp3-HXrP-N7ZsAgDG58NRyajTPShWApFW7F3Kjnz9SLJ_MkI4ycEoqkfIqGlPiUaRIKsIXRv_IP4Ie20xiek0DgQc&sig=Cg0ArKJSzM5jogoZDStAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 10 Nov 2022 07:43:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
imp
www.adtrek.co/adserver/ Frame DD3E 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adtrek.co/adserver/imp?cc=708e75a4-eb8d-4641-99bb-0ef652097426
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.237.117.95 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-237-117-95.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 07:43:23 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
rum
dsum-sec.casalemedia.com/ Frame DD3E
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICEODbv-4CGL3YwdQBIAEwAQ&v=APEucNV-IRZKXiqEos-wySE6mztfL83Sg4ynPd9eAgc8hpRs6jAm30RxTjh5Lbhgq2L9QZ4M_NH5sXhfmIjPtVWDxKFtPVXoWA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOOYwGgtF0r3l1fBHxsnCRg&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOOYwGgtF0r3l1fBHxsnCRg&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOOYwGgtF0r3l1fBHxsnCRg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DD3E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIpOqU7I6j-wIVPa5LBR186AeqEAAYACCB_bFVOhoI4Nu_7gIQv_q7xKIEGICvrOEDINT68JHjEEITCOqz7-qOo_sCFbqI2AUdvkoLNg;dc_rmcid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IG...
ade.googlesyndication.com/ddm/activity/ Frame DD3E 		42 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpOqU7I6j-wIVPa5LBR186AeqEAAYACCB_bFVOhoI4Nu_7gIQv_q7xKIEGICvrOEDINT68JHjEEITCOqz7-qOo_sCFbqI2AUdvkoLNg;dc_rmcid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IGcU4ZKTy8BGAEgEw;eps=CIBhEAEYHTICigI6AoBA;met=1;acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D49473948%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668066205441;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DD3E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteYjUpUGkqDPf70v6dVb7Ndw4SbpO4xJg-VObW6J293vMHA5M90-jb8EvZMijbbSrop_au88DuhjQrjbe1zARdPqU_BqKEY7TlWxeRMW5E0G5-K2XhQ2hdaI6g3IoIv9PJOYw&sai=AMfl-YRz_vebjoNyPqjCZ1E67p03SsFU67VzNEzSyHEizt2pCB6yuYoxLXUu55YImIkk0rkNZg2uEg65Y7J-4PatPqHf88vyjYbcVz3z_ZTHbuRhxp6mY0HW2mx5yIMmrA&sig=Cg0ArKJSzJbnYZmHX3pVEAE&cid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IGcU4ZKTy8BGAEgEw&id=lidarv&acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D49473948%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668066205441&avm=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DD3E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CCCUvmKtsY-qHL7qR4t4PvpWtsAPdoPaZbdT68JHjELfLor3AARABILqEwDNgq-yxheAYoAGD3taSAcgBBakCYDFZDRzCoz6oAwHIA5sEqgTsAU_Qu2auuo_ntvApepYH15UemxvHtW-V1H82pQu26pNp_IoyMkZv6mFVN4k6sS8Gn7BKSYuz6Q2LeCU4ovjpbHTYqGXnrI0nPpwg3ud-6rFV1D-ylGVTizOAk3GdwlK-ZUcUeFaUfPZoltL7Ox-u5Q9HJn6ehS6WkcAk7BbBZCEenNsn6MivlZIGSAoV0BS5Fe-SWiUeeCT-6rAcElv3jrC490swO015d_btC-VtuTtpOD9cUkfZsnnnd2_QmaSOoiTrJs6eHdgHm9BDN9U7NTwCj20jQ4HNtCm-TKQzn2MWAoiQ7Hx6T_FwE7sfwAS_-rvEogTgBAOQBgGgBnaAB-Whqe0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAeALAYAMAbAT6e6JEcgTgK-s4QPQEwDYEwqIFA7YFAHQFQH4FgGAFwE&sigh=SC8Fw8UIIfE&label=vast_creativeview&ad_mt=5&acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D49473948%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1668066205441
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DD3E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~laarjtgp&c=1394850335265&slotId=697425167632.5&qqid=COqz7-qOo_sCFbqI2AUdvkoLNg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=676&mt=video%2Fmp4&vs=854x480&dm=15000&met.4=ff.3r0~videopreviewstarted.3r2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.204.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ti-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 8105 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=9019358801462185955&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 8105
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=dXrBHUDEzRGl&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=dXrBHUDEzRGl&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 10 Nov 2022 07:43:26 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=dXrBHUDEzRGl&ev=1&pid=560288&gdpr_consent=&gdpr=0
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-79d45ddf-t9bxk
expires
-1
711890.gif
id.rlcdn.com/ Frame 8105 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
rtb-csync.smartadserver.com/redir/ Frame 8105
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ZkMS-fkF_lmlYbdgwO1V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=ZkMS-fkF_lmlYbdgwO1V
43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=ZkMS-fkF_lmlYbdgwO1V
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 10 Nov 2022 07:43:26 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=ZkMS-fkF_lmlYbdgwO1V
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 8105
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACwfE7G2VcAACBJvozevQ&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACwfE7G2VcAACBJvozevQ&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 10 Nov 2022 07:43:26 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACwfE7G2VcAACBJvozevQ&gdpr=0
Date
Thu, 10 Nov 2022 07:43:26 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame C640
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=82151895700031269
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=82151895700031269
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Thu, 10 Nov 2022 07:43:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ee34df52-d052-419a-8ac2-9656be4fcad2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=82151895700031269
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame C640
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_6ffa76bd-180e-4a8a-96b7-317a5874ceaf&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=0&user_id=&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=b0e07e9c-6179-41d6-a78b-e576e8089484
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=b0e07e9c-6179-41d6-a78b-e576e8089484
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=b0e07e9c-6179-41d6-a78b-e576e8089484
Date
Thu, 10 Nov 2022 07:43:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame C640
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bed634f2-284a-4f77-4245-cd14483ce843$ip$116.90.74.196
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-bed634f2-284a-4f77-4245-cd14483ce843$ip$116.90.74.196
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-bed634f2-284a-4f77-4245-cd14483ce843$ip$116.90.74.196
Date
Thu, 10 Nov 2022 07:43:26 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame C640
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_6ffa76bd-180e-4a8a-96b7-317a5874ceaf&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=ZkMS-fkF_lmlYbdgwO1V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WTLJVJS2ZTLIZPWY3LMLFRGIZ3XJ4YVM...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=ZkMS-fkF_lmlYbdgwO1V&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=ZkMS-fkF_lmlYbdgwO1V&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=ZkMS-fkF_lmlYbdgwO1V&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame C640
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1668066205667
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6214185625
  • https://sync.1rx.io/usersync/tradedesk/bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
  • https://sync.targeting.unrulymedia.com/csync/RX-1ca1f581-9d5a-4b13-8c2d-99ebc54be868-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-1ca1f581-9d5a-4b13-8c2d-99ebc54be868-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-1ca1f581-9d5a-4b13-8c2d-99ebc54be868-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-1ca1f581-9d5a-4b13-8c2d-99ebc54be868-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-1ca1f581-9d5a-4b13-8c2d-99ebc54be868-004
date
Thu, 10 Nov 2022 07:43:27 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1ca1f5819d5a4b138c2d99ebc54be868004
content-type
text/html
usersync
usersync.gumgum.com/ Frame C640
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=YDjDtWq3i20p&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=YDjDtWq3i20p&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=YDjDtWq3i20p&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-79d45ddf-vb9d5
expires
-1
cookie-sync
sync.outbrain.com/ Frame C640
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28RojUjOjSWoUbzFD-paWSyKSXpWbqfs1XPA81KfItpSlkFgHWdX47K3PqsM5P9JN9%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_6ffa76bd-180e-4a8a-96b7-317a5874ceaf&obuid=ENC(RojUjOjSWoUbzFD-paWSyKSXpWbqfs1XPA81KfItpSlkFgHWdX47K3PqsM5P9JN9)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_priv...
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=RojUjOjSWoUbzFD-paWSyKSXpWbqfs1XPA81KfItpSlkFgHWdX47K3PqsM5P9JN9&uid=a5bdf917-ad4...
0
0
usersync
usersync.gumgum.com/ Frame C640
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e2917460-fab6-4c14-9750-5c2c35cbc69b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e2917460-fab6-4c14-9750-5c2c35cbc69b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 10 Nov 2022 07:43:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e2917460-fab6-4c14-9750-5c2c35cbc69b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame C640
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Va.xTGFE2pdap43oFoH6lD1E5KCjLYqGH9R0~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Va.xTGFE2pdap43oFoH6lD1E5KCjLYqGH9R0~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 10 Nov 2022 07:43:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-Va.xTGFE2pdap43oFoH6lD1E5KCjLYqGH9R0~A
content-length
0
usersync
usersync.gumgum.com/ Frame C640
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=2e220cec-2ef6-4d71-b74c-e1e55e216d81
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=2e220cec-2ef6-4d71-b74c-e1e55e216d81
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=2e220cec-2ef6-4d71-b74c-e1e55e216d81
Date
Thu, 10 Nov 2022 07:43:26 GMT
Connection
keep-alive
X-CI-RTID
53e67d76-abf4-428e-b92f-e241e41dc664
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame C640 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.174.27 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:26 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
822093129
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame C640 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame C640
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=af3a6d1a-3e69-4e18-9898-e662ab8a81af
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=af3a6d1a-3e69-4e18-9898-e662ab8a81af
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=af3a6d1a-3e69-4e18-9898-e662ab8a81af
access-control-allow-origin
*
date
Thu, 10 Nov 2022 07:43:26 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame C640
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=9019358801462185955
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=9019358801462185955
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=9019358801462185955
date
Thu, 10 Nov 2022 07:43:26 GMT
content-length
0
sync
ads.servenobid.com/ Frame C640 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_6ffa76bd-180e-4a8a-96b7-317a5874ceaf
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0850 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=107972
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 07:43:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 11 Nov 2022 13:42:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame E9A4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 07:43:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Thu, 10 Nov 2022 07:43:25 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 9C29
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=57d5636c-ab9d-4000-a033-439ce896aa9d&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=57d5636c-ab9d-4000-a033-439ce896aa9d&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 07:43:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 10 Nov 2022 07:43:25 GMT
Expires
Thu, 10 Nov 2022 07:43:24 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4629 97bee97 master hkg-pixel-x8 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=57d5636c-ab9d-4000-a033-439ce896aa9d&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 938F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y2yrnQAG9LQb5AAT
  • https://usersync.gumgum.com/usersync?b=atm&i=Y2yrnQAG9LQb5AAT&gdpr=0&gdpr_consent=&_test=Y2yrnQAG9LQb5AAT
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y2yrnQAG9LQb5AAT&gdpr=0&gdpr_consent=&_test=Y2yrnQAG9LQb5AAT
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 07:43:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 10 Nov 2022 07:43:26 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y2yrnQAG9LQb5AAT&gdpr=0&gdpr_consent=&_test=Y2yrnQAG9LQb5AAT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11266-MEL
x-timer
S1668066206.021338,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 59EC 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV82ZmZhNzZiZC0xODBlLTRhOGEtOTZiNy0zMTdhNTg3NGNlYWY=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 07:43:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 593E 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.112.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-112-43.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 10 Nov 2022 07:43:25 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 892A
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y2yrnMCo8XUAADMqLl4AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y2yrnMCo8XUAADMqLl4AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 07:43:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 10 Nov 2022 07:43:25 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y2yrnMCo8XUAADMqLl4AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
48
X-SO-HostName
m-ad304.dc4p.scaleout.jp
X-SO-IP
116.90.74.196
X-SO-Key
Y2yrnMCo8XUAADMqLl4AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":48,"gdpr":false,"ipv4":"116.90.74.196","key":"Y2yrnMCo8XUAADMqLl4AAAAA","privacy_sensitive":false,"uid":"Y2yrnMCo8XUAADMqLl4AAAAA","upstream_id":"m-ad304"}
X-SO-LB-Hostname
m-tgng38.dc4p.scaleout.jp
X-SO-UID
Y2yrnMCo8XUAADMqLl4AAAAA
X-SO-Upstream-ID
m-ad304
usersync
usersync.gumgum.com/ Frame 69F8
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
  • https://usersync.gumgum.com/usersync?b=aad&i=74822500-8e9b-47da-a9ae-7b967e3c06cf
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=74822500-8e9b-47da-a9ae-7b967e3c06cf
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 07:43:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 10 Nov 2022 07:43:26 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=74822500-8e9b-47da-a9ae-7b967e3c06cf
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usersync
usersync.gumgum.com/ Frame 49FC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y2yrnBf675.BQGUmFgNIngAA%265313
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y2yrnBf675.BQGUmFgNIngAA%265313
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 07:43:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
767d28392e18a882-SYD
content-length
0
date
Thu, 10 Nov 2022 07:43:25 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y2yrnBf675.BQGUmFgNIngAA%265313
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96xIJepOpcK9vbVececqNyV0BXC0ANhVXfOZdCah89vUSC8%2FmP0OgErPt4Q8OFc8gWxyGxRF24N2VmBYD5MlwO8RPtVqg6OgWFCrDCYvelBZjzJdc0qSOsYGrm5ovcrMCn%2Fr1KYMsPXopw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame AB94
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=uCtac6SHgVIIOB0xP2Hf&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=uCtac6SHgVIIOB0xP2Hf&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 07:43:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 10 Nov 2022 07:43:27 GMT Thu, 10 Nov 2022 07:43:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=uCtac6SHgVIIOB0xP2Hf&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 83EB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 07:43:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 07:43:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 1C19 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dd95d6a50c1ce65fdb92bc63c64046981f475f5913d423a938b127f0a98e8d60

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 07:43:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 05:17:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77639
Connection
keep-alive
Content-Length
9884
Expires
Fri, 11 Nov 2022 05:17:24 GMT
usync.js
eus.rubiconproject.com/ Frame A460 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dd95d6a50c1ce65fdb92bc63c64046981f475f5913d423a938b127f0a98e8d60

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 07:43:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 05:17:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77639
Connection
keep-alive
Content-Length
9884
Expires
Fri, 11 Nov 2022 05:17:24 GMT
async_usersync
ib.adnxs.com/ Frame 3BBF 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:25 GMT
AN-X-Request-Uuid
1eafbbc3-5ca0-4c27-9744-b13eb181a11c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
097caf205a8140a3879ec4ad82b687a1_cpn_120x600_1.gif
static.criteo.net/design/dt/77429/220428/ Frame 9EA0 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/77429/220428/097caf205a8140a3879ec4ad82b687a1_cpn_120x600_1.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
75048e3d34699db3124e9c31ba437f3574959b8a3fdef9fb378f87bd550d1cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 14:08:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a9fce-72c4"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
29380
expires
Sun, 05 Nov 2023 07:43:25 GMT
sync
ads.servenobid.com/ Frame 1C19
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LAARJP2T-1G-EQBP
  • https://ads.servenobid.com/sync?pid=323&uid=LAARJP2T-1G-EQBP
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LAARJP2T-1G-EQBP
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LAARJP2T-1G-EQBP
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
cksync.php
contextual.media.net/ Frame A460
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LAARJP2T-1G-EQBP
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAARJP2T-1G-EQBP
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAARJP2T-1G-EQBP
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 07:43:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 07:43:26 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAARJP2T-1G-EQBP
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 229E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUn5N7hU2WKHzqAdgOKP6fiq_ZhLNTxjOVRxRCjGgROR8rRxzEFxLwqcjGq3gYErWHo-gNg3FbK6b6pIo1dOjABr4Y&sig=Cg0ArKJSzMSZABe8PZrjEAE&cid=CAASFeRoJY5JaEcmz3qvrw-BProhOxuLXA&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668066201425&rpt=3518&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 30EF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=22DD144A-36EC-49C8-AF8E-9750A0E73917&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=22DD144A-36EC-49C8-AF8E-9750A0E73917&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=22DD144A-36EC-49C8-AF8E-9750A0E73917&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 10 Nov 2022 07:43:26 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 10 Nov 2022 07:43:26 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=22DD144A-36EC-49C8-AF8E-9750A0E73917&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
sync
x.bidswitch.net/ Frame 3B56
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:57d5636c-ab9d-4000-a033-439ce896aa9d&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2485451603664769230
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
sync
x.bidswitch.net/ Frame 32E1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y2yrnQAG9LQb5AAT&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2485451603664769230
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
sync
x.bidswitch.net/ Frame 2BD4
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xrdsxfl8te7
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2485451603664769230
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
/
onetag-sys.com/match/ Frame 4EE0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=WvJOxg2jQZ1B9kidXaNVxg-kSJBBo06VWvZAtWUT
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 07:43:26 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame B1E0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=82151895700031269&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
108
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 07:43:26 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame C645 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 10 Nov 2022 07:43:26 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E96D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=It0USjbsScivjpdQoOc5Fw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:26 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=107971
accept-ranges
bytes
content-length
5549
expires
Fri, 11 Nov 2022 13:42:57 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rcs
tags.rd.linksynergy.com/ Frame E96D
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
  • https://pippio.com/api/sync?pid=5324&it=1&iv=957e8e218f4394450b24f831b03abc74e979e3cdf017a3b81d2d81addac8c5c3791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5NTdlOGUyMThmNDM5NDQ1MGIyNGY4MzFiMDNhYmM3NGU5NzllM2NkZjAxN2EzYjgxZDJkODFhZGRhYzhjNWMzNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5NTdlOGUyMThmNDM5NDQ1MGIyNGY4MzFiMDNhYmM3NGU5NzllM2NkZjAxN2EzYjgxZDJkODFhZGRhYzhjNWMzNzkxNDI2YjU0MTdkY2UyMRAAGgwIn9eymwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
0
0
SPug
image4.pubmatic.com/AdServer/ Frame E96D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=57d5636c-ab9d-4000-a033-439ce896aa9d
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=57d5636c-ab9d-4000-a033-439ce896aa9d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 10 Nov 2022 07:43:26 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=57d5636c-ab9d-4000-a033-439ce896aa9d
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 07:43:25 GMT
/
onetag-sys.com/match/ Frame E96D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJERDE0NEEtMzZFQy00OUM4LUFGOEUtOTc1MEEwRTczOTE3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
date
Thu, 10 Nov 2022 07:43:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame E96D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIT4br2TfoirTQXQ6sRLAdA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=22DD144A-36EC-49C8-AF8E-9750A0E73917
date
Thu, 10 Nov 2022 07:43:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame E96D
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0718DF2FD56F4D5BB321A9C98196E6D8
42 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0718DF2FD56F4D5BB321A9C98196E6D8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 10 Nov 2022 07:43:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 10 Nov 2022 07:43:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0718DF2FD56F4D5BB321A9C98196E6D8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 09 Nov 2022 07:43:26 GMT
22DD144A-36EC-49C8-AF8E-9750A0E73917
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E96D 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/22DD144A-36EC-49C8-AF8E-9750A0E73917?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.1.26 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:43:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame E96D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=bf6d1ace-8c1a-4767-8ec3-de81b704f2d4&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2485451603664769230
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
usync.js
eus.rubiconproject.com/ Frame 83EB 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
dd95d6a50c1ce65fdb92bc63c64046981f475f5913d423a938b127f0a98e8d60

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 07:43:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 05:17:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77638
Connection
keep-alive
Content-Length
9884
Expires
Fri, 11 Nov 2022 05:17:24 GMT
usersync
usersync.gumgum.com/ Frame 83EB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LAARJP2T-1G-EQBP
  • https://usersync.gumgum.com/usersync?b=mag&i=LAARJP2T-1G-EQBP
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LAARJP2T-1G-EQBP
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 07:43:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LAARJP2T-1G-EQBP
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb70&_p=5774&cid=222705379.1668066201&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1668066202&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&dt=%E5%85%84%E5%BC%9F%E6%B4%8B%E6%8A%95%E9%AD%94%E5%8A%9B%E4%B8%8B%E9%80%B1%E4%B8%80%E8%BB%8D%E5%85%88%E7%99%BC%E3%80%80%E5%B8%8C%E5%85%8B%E4%BE%86%E8%87%BA%E5%BE%8C%E8%A6%8110%E5%A4%A9%E8%AA%BF%E6%95%B4%E6%9C%9F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIpOqU7I6j-wIVPa5LBR186AeqEAAYACCB_bFVOhoI4Nu_7gIQv_q7xKIEGICvrOEDINT68JHjEEITCOqz7-qOo_sCFbqI2AUdvkoLNg;dc_rmcid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IG...
ade.googlesyndication.com/ddm/activity/ Frame DD3E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpOqU7I6j-wIVPa5LBR186AeqEAAYACCB_bFVOhoI4Nu_7gIQv_q7xKIEGICvrOEDINT68JHjEEITCOqz7-qOo_sCFbqI2AUdvkoLNg;dc_rmcid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IGcU4ZKTy8BGAEgEw;eps=CIBhEAEYHTICigI6AoBA;met=1;acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D2030,0,0,0,0%26mtos%3D2030,2030,2030,2030,2030%26amtos%3D0,0,0,0,0%26mcvt%3D2030%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2192%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D202%26dur%3D15018%26vmtime%3D2199%26dtos%3D2030%26dtoss%3D1%26dvs%3D2030%26dfvs%3D2030%26dvpt%3D2192%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D49473948%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2030;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1668066205441;ecn1=1;etm1=0;eid1=200000;
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DD3E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteYjUpUGkqDPf70v6dVb7Ndw4SbpO4xJg-VObW6J293vMHA5M90-jb8EvZMijbbSrop_au88DuhjQrjbe1zARdPqU_BqKEY7TlWxeRMW5E0G5-K2XhQ2hdaI6g3IoIv9PJOYw&sai=AMfl-YRz_vebjoNyPqjCZ1E67p03SsFU67VzNEzSyHEizt2pCB6yuYoxLXUu55YImIkk0rkNZg2uEg65Y7J-4PatPqHf88vyjYbcVz3z_ZTHbuRhxp6mY0HW2mx5yIMmrA&sig=Cg0ArKJSzJbnYZmHX3pVEAE&cid=CAQSOwDq26N9SEVe5UMMTi_DmDMJu8OignIxNm7IRZ3tqmRH4T9Se5iFYaTpIc7BkuLsBTez8IGcU4ZKTy8BGAEgEw&id=lidarv&acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D2030,0,0,0,0%26mtos%3D2030,2030,2030,2030,2030%26amtos%3D0,0,0,0,0%26mcvt%3D2030%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2192%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D202%26dur%3D15018%26vmtime%3D2199%26dtos%3D2030%26dtoss%3D1%26dvs%3D2030%26dfvs%3D2030%26dvpt%3D2192%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D49473948%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2030&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1668066205441
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 07:43:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 6707 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=HGzcJMIsEAEBWuZuxF3YZo77f2udaiQoX6swYx725CcOOwdf6hn1-Pk6yU85Eeb6l25vXLZOJxcvBbHWzJt5KekQkEpfOp0Timp9pPR8PwyTWO8zupzAbajza7r2hLXQ2rIOVMhEac-KH1fUJeAeGQOEdSLGBm0fG6Iv3nzIJVlADrpw5Cvk088r_eTj9MjD944ARL3O151uFisQHtzU1VGZQotoojtQFu6hD94jbhfrL4VEt3b4Edh5OyYjnlHL-MKQeQ&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y2yrlAAO5VcAtxThAAyWBBkuiNrupx5q26E30A&u=%7CRWrqyHlyQut43g%2FwsmoP%2BOdW4E9w4XexwyJsqyIQb58%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4N9zppcsUR56vFs1aZ3NwQtFtctLBWsMZy22BTG3pfG8VwKKlKAvcdNlrvq38EQFH5Va9_slx1f04uKHsXIro9pRDCf-EWYd58hNvde5QWhZ6fLFgS4LkRiM05tojSgvnwzFDQYHZllf7hHUQBBvQ_avjv89wEATb1d_3Y-oJnpKTrbe1pEskfPxqQTZU7x3gbvO7NRIHJgdvzRMnrgi5bGnZGZeF0Ttma8oxogo2WwofHESLiLoH07KviTnKmMZbd2577uT6_zMlSB08BrCPwn-TxJgrl3JnvBj53Mlsx94aXlVgnqTj5HI7q78PXtS1TETQqcqPgHQR5SBqID-G4TWFGc2OxUSYvXOMjTd2UBcBwPfZKoWx1VE9oR02WDF2THnTe0ThjbJAd02_5VcR0h-2DEpogv_sw5aYmcAdTpuw7vMTmPZ_F6g98fxBYuhic0elTys2KbojJOnbfqABE1jYrsBgSVUquhWDt5wVHpbfAPCl-lMBE_PAMKsYA9nKBHqpdJZBmAVvvDtMcXe3QUfYDDlufaeWMptRP5-66R4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3kGWlKtsY9fKO-Gp3LUPhKyy-A6Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLgCfZLTJKlPqgDAaoEhgJP0Lp8AXcpYHoKtyzm969VM0PzE3huwPW_xhR4AS5ryrowg0dHGzsZG46wAExdKVvKQhy7Y4fd0fwqNS7jqV0kaMyItTv1pzSHUkUzK0jjV8LL91K_Q-usT2eYs-zVapM4IvpJ3-zNOCTt1n7tar6ZoA6gfvQX8P7TD8CVIcpkQp_Z8rEe32-wSxg0iiLnsYyMzLBvX31AW4zoX7sg8ybKKocBpTMlaFyropSCGMSUhikABhCuj-EfMNaGMUuD65ohkN-ueNOjK3VbZZ2_RfdkPGhGjOzajxgDGclDdpAFWlgSCmHG273ZLbUE22lCHTmj4DjtRsX8oEClZP3GFosRpfSGiODNgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2OthfiY1EZqkmeofoNHKDCfrQUCA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 07:43:27 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.as.criteo.net/ Frame BC00 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame E96D 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
visitor-fra02.omnitagjs.com
URL
https://visitor-fra02.omnitagjs.com/visitor/sync?name=BIDSWITCH&uid=2a62ca3297af454b8f19eb7922ed945f&visitor=b0e07e9c-6179-41d6-a78b-e576e8089484
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUq3wNodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMC8yOTY1ND9nZHByPTAmZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PSZBPWJlYzcwN2FlLTQyNTItNDA0Yy1iZWExLTdhYTBjYWZhZGJkNyZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTl6YzNBdVpHbHpjWFZ6TG1OdmJTOXRZWFJqYUQ5aWFXUmtaWEk5TmlaeVBVTnBaREZaVXpCNldXcFJlRTVIUlhsYVV6QjVXVlJGTVV4VVRUSlpla1YwV1dwck5WcERNSGRQUkdoclRrUnNhazFxU1hsTlYxVnhWVEpvTUdSSVFucFBhVGgyV1ZkU2VreHVUbXhqYmxwc1ltMDVhV0ZYVVhWWk1qbDBURE5PTldKdFRWOWpSMnhyVUZSTk1FNXBXakZoVjFFNVpGZEZkRTB5U1RCTlZGSm9UVzFWZEUxdFJYaE9VekI2VG0xTmVFeFhTVFZQVjFGMFRVUm5ORnBFVVRWWmVrbDVUV3BHYkUxblNVZEVSR2RDSm1KMWVXVnlkV2xrUFElM0QlM0QmdWlkPXVhLTNiNDE0YTJlLTJhMTUtMzZjMS1iOTlkLTA4OGQ0OWMyMjIxZTICDBI4Ag==
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=30&uid=b0e07e9c-6179-41d6-a78b-e576e8089484&gdpr=&gdpr_consent=&us_privacy=
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=RojUjOjSWoUbzFD-paWSyKSXpWbqfs1XPA81KfItpSlkFgHWdX47K3PqsM5P9JN9&uid=a5bdf917-ad4d-49be-9344-1e6c452000f6
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
tags.rd.linksynergy.com
URL
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
csm.as.criteo.net
URL
https://csm.as.criteo.net/all?cppv=3&cpp=I8RQA8IsEAEBWuZuoLAQZxUO2e04LMPbqmJSNvsqa58aUEIDlWFzj-vRtm3uJzG90-OQo5BnssQTwj3uenP9cFp48jEHC_YdflrpjtuxNsiRxrUI76365mAoF4e8s12EI0woTD7l6wcXyOWDPChW3wZTr5XVp65sY90DtWMwEnHtPooZ6g_mEcbXTtbw6u-I0yPx-ruJsJFZ8STFdJiOaW9MU0-IG4WkbMJthBQDybUIcFOHSUBEzoNkvUbdX_GPDFlqaOBF24adLgtK&sds=2&rev=83376.1&sendBeacon=true
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString function| setImmediate function| clearImmediate object| adRecover object| google_reactive_ads_global_state number| ampAdSlotIdCounter object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| $ undefined| jQuery string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _qevents object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions boolean| descriptionPage object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| dataLayer function| gtag object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

138 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQpLX5g8YwCgoIgQIQpLX5g8YwCgoI4gEQpLX5g8YwCgoI5gEQpLX5g8YwCgoIhwIQpLX5g8YwCgkICRCktfmDxjAKCQg6EKS1-YPGMAoKCIwCEKS1-YPGMAoJCF8QpLX5g8YwCgkIHxCktfmDxjA=
.aralego.com/ Name: sspid
Value: 70e82f2e-4c30-3e86-8bdd-5a51bf474921
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 418c5095-481d-45fc-9627-c77fd622d318
.bg3.co/ Name: __gpi
Value: UID=00000b7913fed48f:T=1668066197:RT=1668066197:S=ALNI_MYvP5WUL8k1VQkyHJ4YyVbXhS7Iew
.adpushup.com/ Name: ap_uid
Value: 574969d0-60cb-11ed-ad50-000d3aa242c0
.adpushup.com/ Name: ap_usid
Value: 574969d1-60cb-11ed-ad50-000d3aa242c0
.doubleclick.net/ Name: IDE
Value: AHWqTUkHLtJ4RQ8rXdufr59q6AT26CHyQNm6XZStmJ7N1bZYFRnQ8-gggdVYi-5V9t4
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: c600ef49-7b24-4bb5-aafd-842999bcf420
.openx.net/ Name: i
Value: c600ef49-7b24-4bb5-aafd-842999bcf420|1668066199
.omnitagjs.com/ Name: ayl_visitor
Value: b86303708db5b28ea53d43eac5b776aa
.rubiconproject.com/ Name: khaos
Value: LAARJP2T-1G-EQBP
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwl9eymwY4AUABSAEQl9eymwYYAA..
.adnxs.com/ Name: uuid2
Value: 82151895700031269
.teads.tv/ Name: tt_viewer
Value: 349607ed-588f-4550-91f5-ed5137733b69
.quantserve.com/ Name: mc
Value: 636cab98-7081b-cce05-b6067
.bg3.co/ Name: __qca
Value: P0-88790483-1668066199613
.bg3.co/ Name: __gads
Value: ID=79d0915ffa0994a6-2267032d34d8004d:T=1668066197:S=ALNI_MZnUgP0vxx0UmPFIiI3pmHFqFDsdw
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1668066202.1.0.1668066202.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.222705379.1668066201
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yahoo.com/ Name: A3
Value: d=AQABBJqrbGMCECjj7mFa-G-Qidd5e9SSEjcFEgEBAQH9bWN2YwAAAAAA_eMAAA&S=AQAAAibdFFuu2QFKcFrQxStosm4
.sharethrough.com/ Name: stx_user_id
Value: e82d2899-e326-4305-9838-7ca166553acf
.dap.fw-ad.jp/ Name: user
Value: b24e53c2-9376-34cc-b174-6722ff522b56
.dap.fw-ad.jp/ Name: gcm_usec
Value: 1668066202898000
.openx.net/ Name: pd
Value: v2|1668066203|jElYiuvOiahI
.adsrvr.org/ Name: TDID
Value: bf6d1ace-8c1a-4767-8ec3-de81b704f2d4
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22da5cbcc0-baef-4846-9ce5-669277b67090%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-10T07%3A43%3A23%22%7D
.3lift.com/ Name: tluid
Value: 19110451829095362226
.adkernel.com/ Name: ADKUID
Value: A8701406061917351773
.zemanta.com/ Name: zuid
Value: ZkMS-fkF_lmlYbdgwO1V
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&163a2215-1bac-4211-88eb-cba2d98dfda9"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2414:u=1:x=1:i=1668066204:t=1668152604:v=2:sig=AQFTHDji2stLpiSNVLkYXBnVsuo6J5VP"
.yieldmo.com/ Name: yieldmo_id
Value: g4108067a197cf2d831f%7C1668066204278%7C0%7C
.openx.net/ Name: univ_id
Value: 537072971|bf6d1ace-8c1a-4767-8ec3-de81b704f2d4|1668066204286989
.media.net/ Name: visitor-id
Value: 3110678047443697000V10
.socdm.com/ Name: SOC
Value: Y2yrnMCo8XUAADMqLl4AAAAA
.reemo-ad.jp/ Name: deviceIdentifier
Value: PHOchjkaCruYkLcDzKLbEkYNFiCMNgKV
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.casalemedia.com/ Name: CMID
Value: Y2yrnBf675.BQGUmFgNIngAA
.casalemedia.com/ Name: CMPS
Value: 5313
.casalemedia.com/ Name: CMPRO
Value: 5313
.ladsp.com/ Name: cr
Value: 1
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A8701406061917351773
.turn.com/ Name: uid
Value: 7899739521075907908
.linkedin.com/ Name: li_sugr
Value: 5541c7f8-5965-4114-b955-2cfc98cbcdee
.ladsp.com/ Name: smn_uid
Value: Di0dWPbyiIb9uwW8lqy7Vw7_4xTLZ04
.ladsp.com/ Name: lum
Value: CPS4-YPGMBIFCAMQ0AU
.bg3.co/ Name: cto_bundle
Value: gFuMqF9EWWh0RFRZTFA5d3FwU1NnSmxVTTRxOXNQdVhJenBZTlhoUEIwYTlkbmc5ZDZwa0M0czdEZFh3WmolMkZKQ3RCYXk5a3FjcjB5MVZaa1FjQjh2WDQyQTdXQVd6Wm1VSDRuRTl2YWNTYWc2Q2ZnJTNE
.bg3.co/ Name: cto_bidid
Value: cGfHkF9SMnAxQmpHcTRHJTJGbFJNeEJoSUR5bU9NczlENiUyRk9JOEo1TWt4NCUyQm1ISXR0NGFUM3AlMkZ6bVhRUW4yclhaTnljNG5XY0poVWNtcFRpcWclMkZZUG05YVBDd2clM0QlM0Q
.bing.com/ Name: MUID
Value: 3267802612E165E33215927E1371640B
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: data-a
Value: 82151895700031269~~8
.media.net/ Name: data-o
Value: dd80b98f-79a3-4ea2-9364-32af4f745501~~8
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.a-mo.net/ Name: amuid2
Value: bec707ae-4252-404c-bea1-7aa0cafadbd7
.prebid.a-mo.net/ Name: sd_amuid2
Value: bec707ae-4252-404c-bea1-7aa0cafadbd7
.mathtag.com/ Name: uuid
Value: 57d5636c-ab9d-4000-a033-439ce896aa9d
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bidswitch.net/ Name: c
Value: 1668066205
.bidswitch.net/ Name: tuuid_lu
Value: 1668066205
.w55c.net/ Name: wfivefivec
Value: ceewYElP1OT2dD5
.servenobid.com/ Name: pid_337
Value: y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
.servenobid.com/ Name: pid_339
Value: y-tRGCP2tE2uERfQJpbnPJalcFmnL_Tp_v4tsI8JE-~A
.media.net/ Name: data-ttd
Value: bf6d1ace-8c1a-4767-8ec3-de81b704f2d4~~1
.analytics.yahoo.com/ Name: IDSYNC
Value: "198o~287j:194o~287j"
.smartadserver.com/ Name: pid
Value: 9019358801462185955
.servenobid.com/ Name: pid_333
Value: Y2yrnBf675-BQGUmFgNIngAAFMEAAAAB
.media.net/ Name: data-g
Value: CAESEDYRFSqkmqPoWlMsH2RM80Y~~8
.gumgum.com/ Name: vst
Value: a_6ffa76bd-180e-4a8a-96b7-317a5874ceaf
.media.net/ Name: data-mm
Value: 57d5636c-ab9d-4000-a033-439ce896aa9d~~8
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY2ODA2NjIwNSwib3BlbngiOjE2NjgwNjYyMDR9
.servenobid.com/ Name: pid_318
Value: ieedz1eVSTuPwT6-jxzKRcOFRRP-IjUN2NzzqYvR6WE
.w55c.net/ Name: matchmedianet
Value: 5
.servenobid.com/ Name: pid_312
Value: 82151895700031269
.lijit.com/ Name: ljt_reader
Value: FoHPCLZHh5fIimBXQ06ubDv6
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID^1^0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.adsymptotic.com/ Name: U
Value: 5ad02cf8ace0a3cd796118e7b9f96d64
.company-target.com/ Name: tuuid
Value: b73cf5c5-9ac5-4c8f-aaaf-a30420736b94
.company-target.com/ Name: tuuid_lu
Value: 1668066205
.bluekai.com/ Name: bku
Value: ikG99JtgqsBY34LQ
.onetag-sys.com/ Name: OTP
Value: ieedz1eVSTuPwT6-jxzKRcOFRRP-IjUN2NzzqYvR6WE
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZhYGZmZGBqbmgCAEXymdcQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTS2NDGzNDY0MDM1NxbiM9Q1z0osLfFKyQ5N9wsCAKKMms8lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTS2NDGzNDY0MDM1NxbiM9Q1z0osLfFKyQ5N9wsCAKKMms8lAAAA
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.bidswitch.net/ Name: tuuid
Value: b0e07e9c-6179-41d6-a78b-e576e8089484
.media.net/ Name: data-rk
Value: 1917759394693106554~~8
.servenobid.com/ Name: pid_317
Value: 9019358801462185955
.media.net/ Name: data-xu
Value: ceewYElP1OT2dD5~~8
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y2yrnQAG9LQb5AAT
.servenobid.com/ Name: pid_309
Value: a_6ffa76bd-180e-4a8a-96b7-317a5874ceaf
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-3b414a2e-2a15-36c1-b99d-088d49c2221e
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 22DD144A-36EC-49C8-AF8E-9750A0E73917
.pubmatic.com/ Name: pi
Value: 162412:2
.pubmatic.com/ Name: DPSync3
Value: 1668643200%3A164%7C1668124800%3A174%7C1669248000%3A197_201
.pubmatic.com/ Name: SyncRTB3
Value: 1669248000%3A13_247_8_7_54_22_3_220_21_71
.mfadsrvr.com/ Name: tuuid
Value: 4e8432a4-d7cd-4488-a9e7-725aa7756d87
.mfadsrvr.com/ Name: c
Value: 1668066205
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMK7iCRej+DloHXrd8oPN4aCe4QFZsXH9fbnu8I4a0uraytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.demdex.net/ Name: demdex
Value: 41260577659684325881692930556209956651
.id5-sync.com/ Name: id5
Value: 6344db2f-204d-45a4-963f-74989527d734#1668066205661#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.360yield.com/ Name: tuuid
Value: af3a6d1a-3e69-4e18-9898-e662ab8a81af
.360yield.com/ Name: tuuid_lu
Value: 1668066206
.servenobid.com/ Name: pid_324
Value: 1917759394693106573
.quantserve.com/ Name: d
Value: EKIBCwHFJ_ijAA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1ca1f581-9d5a-4b13-8c2d-99ebc54be868-004%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.contextweb.com/ Name: V
Value: YDjDtWq3i20p
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1h5e|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b14009b74f57dd0c
.servenobid.com/ Name: pid_310
Value: FoHPCLZHh5fIimBXQ06ubDv6
.rlcdn.com/ Name: rlas3
Value: Kiy9doqizwftIASkr2/oCy/kuBs+kD2hojTpB/WfK9g=
.rlcdn.com/ Name: pxrc
Value: CJ3XspsGEgUI6AcQABIFCOhHEAESBgjtuSsQAA==
.media.net/ Name: data-r
Value: LAARJP2T-1G-EQBP~~1
.casalemedia.com/ Name: CMTS
Value: 5037
.media.net/ Name: data-ze
Value: ZkMS-fkF_lmlYbdgwO1V~~8
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCKyg0_2ovqE7EAUSFgoHcnViaWNvbhILCLK78oCpvqE7EAUSFQoGY2FzYWxlEgsIzOSjg6m-oTsQBRIXCghwdWJtYXRpYxILCLLs-4-pvqE7EAUYASABKAIyCwiY8KS_v76hOxAFOAFaC2FkY29uZHVjdG9yYAI.
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e8c8d338-736d-4afb-70c3-6be1866c1736.OlBlheCQIEUHcBEqMyDlmEzELOtYwBMIvi7ZLVLTBvI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A6MjTOHNtSvtww2vhhmwXNnRaSsQ.mfPkneWqmCKIxRDc0PNXyrJvu1TQihABFm2WqeUfoLw
.mfadsrvr.com/ Name: tuuid_lu
Value: 1668066206
.mfadsrvr.com/ Name: ssh
Value: !medianet,1668066206
.servenobid.com/ Name: pid_316
Value: 22DD144A-36EC-49C8-AF8E-9750A0E73917
.bidr.io/ Name: checkForPermission
Value: ok
.amazon-adsystem.com/ Name: ad-id
Value: AxOBKpxfTE7Fgckwti6-USo

25 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/ae1ee980ebcecf16a40b5005e61b0d16.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/314c45a308aa264d772dd7e07de9d5a0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/5db7b14d16a4d025485174c8eeb18a42.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/f3876b88f18219e3580ee348e4b5d718.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/7960e3769bdaa95034b2affc4d553300.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/c6f9e94bb1d3907d447208a4e6bcb6c9.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/fceb2b073dedb0cbce94fb88f0ad6b5b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202111/a686dd60106b1dbaa0238078c55ce8b1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/8d28d00e2e152c97bb5ff683aaf6365a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/c6f9e94bb1d3907d447208a4e6bcb6c9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/6f0e15131d4fc1432882f34b7bd29963.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/ce4dfca3600a918ab7575ebbdb59a1fe.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/54fa49b5b46c743eeaebd51d9dbca438.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/b606ab6ebb015ebf0c250dc9f3750f16.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/6ab76ee5a4f87f5666ffba690916300c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202107/df789a160206d6f99dfd5891308791ab.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202204/cfdca3f60864826bf6c42a5be015e8d9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202204/8fdf26b239ae23a2fec33aa520351afb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/6ca72e69e0fcca5a2d432628e463aea4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/194fb0f5673d586aedba7dd4148318bd.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/ef1cfd84e085d1247fe07807fce37214.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/ae584d6605ee31a7176fa84a6aad0dc9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668066196&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiong-di-yang-tou-mo-li-xia-zhou-yi-jun-xian-fa-xi-ke-lai-tai-hou-yao-10tian-diao-zheng-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668066195318&bpp=12&bdt=1894&idt=1035&shv=r20221108&mjsv=m202211030101&ptt=5&saldr=sa&correlator=42457447915&frm=23&ife=1&pv=2&ga_vid=119349499.1668066196&ga_sid=1668066196&ga_hid=1196881040&ga_fc=0&ga_cid=amp-I2fQb6QPPtlTn1g3Hlcx9g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1513&biw=1600&bih=1200&isw=336&ish=280&ifk=641927352&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44776361%2C31070785%2C44770881%2C44775017&oid=2&pvsid=522746669676293&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qlveoaqs175x&btvi=1&fsb=1&dtd=1054
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EveGlvbmctZGkteWFuZy10b3UtbW8tbGkteGlhLXpob3UteWktanVuLXhpYW4tZmEteGkta2UtbGFpLXRhaS1ob3UteWFvLTEwdGlhbi1kaWFvLXpoZW5nLXFpLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

42b468c16f0772d753874c29b744d369.safeframe.googlesyndication.com
6fb2fcae93c8148c33362560d9ed079e.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ade.googlesyndication.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
ap.lijit.com
aplogger.adpushup.com
b0b34d9644a03a76c35f13e857675187.safeframe.googlesyndication.com
b1sync.zemanta.com
bh.contextweb.com
bi.adpushup.com
bid.g.doubleclick.net
bidder.criteo.com
c.bing.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
csi.gstatic.com
csm.as.criteo.net
csync.loopme.me
d-1131636251703099984.ampproject.net
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcdn.2mdn.net
gdn.socdm.com
google.dap.fw-ad.jp
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
r4---sn-ntq7yns7.c.2mdn.net
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.dsp.reemo-ad.jp
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor-fra02.omnitagjs.com
www.adtrek.co
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
csm.as.criteo.net
csync.loopme.me
onetag-sys.com
simage4.pubmatic.com
sync.go.sonobi.com
sync.outbrain.com
tags.rd.linksynergy.com
visitor-fra02.omnitagjs.com
x.bidswitch.net
103.229.10.211
103.229.206.241
103.231.98.194
103.231.98.195
103.231.98.196
103.231.98.197
104.16.89.20
104.17.24.14
104.18.101.194
104.18.13.76
104.18.19.126
104.211.156.162
104.26.3.91
104.26.5.103
124.146.215.3
124.146.215.45
13.107.42.14
13.112.54.241
13.237.117.95
13.251.2.7
13.33.88.20
13.33.88.61
13.76.45.37
139.5.84.243
142.250.4.102
142.250.4.154
142.251.12.138
142.251.12.154
142.251.12.157
145.40.89.200
15.197.193.217
150.95.47.241
151.101.194.49
152.199.39.108
162.19.138.82
169.197.150.7
172.217.194.155
172.217.194.157
172.217.194.94
172.217.194.97
172.253.118.156
172.253.118.95
174.137.133.49
175.41.187.173
18.142.1.26
18.176.162.247
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.51.136.24
184.51.137.72
184.51.240.199
184.51.240.213
185.184.8.90
185.84.60.23
193.122.174.27
198.8.71.131
20.127.253.7
20.212.157.225
204.79.197.200
209.191.163.208
23.106.127.164
23.106.127.165
23.106.127.39
23.106.69.73
23.108.102.145
23.207.185.68
23.41.65.80
23.75.85.227
3.1.247.163
3.113.214.6
3.124.32.217
34.107.148.139
34.246.45.103
34.83.125.63
34.96.71.22
35.166.214.217
35.186.253.211
35.190.60.146
35.213.117.18
35.213.12.39
35.213.93.179
35.244.159.8
42.99.140.144
42.99.140.161
50.116.239.135
51.79.234.100
52.193.190.16
52.222.158.9
52.223.2.229
52.46.128.147
52.74.140.155
52.74.162.2
52.77.194.193
52.94.220.185
54.156.112.43
54.163.172.97
54.186.170.143
54.225.22.7
54.65.159.169
64.120.88.131
68.67.160.132
68.67.160.184
69.16.175.10
69.173.144.139
69.173.158.64
69.173.158.65
70.42.32.95
74.118.186.45
74.125.152.105
74.125.200.132
74.125.204.120
74.125.24.103
74.125.24.132
74.125.24.156
74.125.68.157
74.214.196.131
8.43.72.97
80.77.87.161
84.17.37.44
96.17.188.24
0084ca7a88aec0c511b9bcf65f9cc773673b91d6dc45ddc6b6310c6e778f224a
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01427c02f09a8144495f4db49603a42401be37b060cc0910e2eae66e62015688
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
09043f5795da6b165c6bfccb8012a3a56cf57e557dcf29216c1e796d4c0b9c41
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b3312a7bddc7e21cf8f08f2b6ba5dad959d4a5820712dd134638dab9f2d322e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cfa8294ad03845769516663d1db601b60ed61c80ab85097e7535192133f9c67
0d05d748e2bed6c06d43389b5ce1e231a15bbad2d5b0569106cf95249bc1ae92
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e
0ebf2f2dde381ca38c07cf6af048157a6cdf7a09ca5e63ce50d7284149f61147
104e5c90694e73639e904311efdf6a48757c67365d084e3a359180dbac5f8a25
1162b5f7c9ab25e2f87ae6ac1149dde1722fbb19bf5ac0bb9f91bfb9d0abc076
14914ef59b38aa18d49fd112303cd93af1db3b37fff247c8ae30865d20ad4e89
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
173fc712efd8c6e8ec03828d39855f3a309549503f9977dd5d104b044e05e462
187ec0bfc9e6695a241fabe8aa7509d189b1e33692f2d3b06d9ff6c1a2997a6e
188e573bf1e6355ef4c477989d3871b5bad7e45ac71628ad3a3139284b1e0229
1a7c85b52c1d0cc548e1b85f34484a75b899a5bb75a07ccbe1944f81c34210d6
1acb35e895471dfebcab67f051876a612e3225e657d0dd6c425745de07cf68e9
1b8c517b05f13da306384f451026638c1adab7e7b54c65cd797e899faf0591c2
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1df3be746c8a2ddb8b1f61e3682bca6ce8c89ff46c329ecaaaa37239432d69e9
1ee809ff73a64ebe6bef729e371e30fd0d12d19bf5f9a9bff665879db16b9e40
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
242e2531a78d8e56d5d28128d0f42cd57380fec64882b16be3731a2034be6fdf
2585f557cb67aa56318cd83cb18a6e2acfcf13f45f5d1e63e8667e2487a9fcdd
258c9d2b5e052bce2c58ae0a9fc6c604f8ffbbc309394cff6c1c5e80e8f08433
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27bbf9ad6df06090fd39e63d2e35b3b3ade1a2c9dd1a951847b87b488b39493c
28773eab0ad434dac91e3b108b591af1babb2127e67dd671b63a39158322c102
2a6b050dfbee40d9b3dec339c654771ddd057faa8cec3cb3ae9b5b03be10f50f
2bd037f9f631f586d93e29d66841729b13582d28fe3617bb3187ca5ea9d60023
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
330f76ee720927481e92c4f344a43bdf66af209bb74aad6be1ceaf75092928df
35535ca4a830b0ffbc62b8ba9cb1d691bcfd07975c32c9c4461ea595418ebc8e
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36bda3b04bf4ab6284353ade779bcd8b3eb4e245add4ca5df0ff31c25421ff02
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c
3c1886ac9867da46d6c05ca1a0df4d0634b055826d142b12387e0b4fb483ae39
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b44b5dacef2e8a0d3204c2870c2b59cb8313290278a8aba7a609ff0cb93692
45d83d0ce6f8f97c496d1ff4c754c0895288f41b606bbbcef28a5e26e16f7918
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
474e40059bfb63735f2ef649ffb7900847549faa1415e401da4e6e2b8b2f3764
480c6d422ac35b202cb5c0ff3e440a24c46c4d598282004216321f24544ae625
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b1ed19a5f0f8a049e7cdca68bb02de5d372eb60aed652fa865e193c6db3b665
4c4dbcceb84ddb46965d8b423c34822ccb638584ac692e021b383cf43d9a51e0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50c847237a89d2cf8f100aa6356075ba7005c58259946082fe20693ebf9e6b63
5170ddd5d3d676ccb14fdeac7c3b2297949c2bd9dc201432e836578a32e3cdc4
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
5851679578af61edf69e61b02377e26031374cb2fa3a5a56c04ee6148671ec5b
604f202c0ae8882483b3c56a3f82bd2b65ce99b3fe2f7b43ad7801e73d7208c5
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625f1b97cdbb4f4096fcb3139807be23665c33e061525bbb130184db12ed5861
63000f1d5ddcd10ff7812cf6f2eee53820014c23995b5c2b62919fb0ce6e0a50
6341e53db2e8074394cd434cd60c5a22e05098711d4b3eaf7ae688a6ac6f8fcf
63af0192ee2fd131b1b79cf8097cb830e3dc9b29580fb378fa089bf0340adfc2
65de9f2d2f7527720eea2f9c305ce97c87ee701551fa0041263f81a64fc2bee0
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6866724fec94a84b7c8b80890688fb7136d03a9408c166ae129d7c9bddccc3d3
691c40e37d5de1bed72e94d3a1566e9dc4241a8d222651cda9b2ce6525c17217
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
740fbc6abb0755022063bf4f6be72dfd2b759185dd277f1f0db909dfc225ae7e
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
75048e3d34699db3124e9c31ba437f3574959b8a3fdef9fb378f87bd550d1cca
77aa0b967ed24d9c9b7ce4e0e872caaaba3f64e44f3f5a4820398f387a04f151
79c99facdbf21558c8d7ac207237237fe8f414f5a0cea20ba022fb629836045a
7b1748e516872d3ec44b5f5dd98131d5cf81f6e1821a7a6d0f886bc28720aa23
7eddd9a6cb033f7bf88e3f3bddc84ecb343203f2375d35af34b3578ce8e41474
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
84e6a4b318b3ce55f371111a84a635016e62f5ab2d8e338197e004033a030387
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
89a3cd86231932c1f0588ac9327257c7e7102f9a4252fcaa4ad2269c486a53b1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eceb3b77fb85545a7deaf9b0b5a862291c6ec78d2256c5bdcd35419608d2e26
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
920e8c3df69377992f1bb75d01a759eb085188c39e6b20689b9ff39904afe340
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92ed147fc15d3c39f07e271e6f81abbc19e102bddfd92deea299d5b84bef38a1
961b271fa410e0827ce332295d5703b4abf32163af968d8cdd0bb00120f3e1d2
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
9969c5f8f3057588fba1c56e3cbaafbcd6cc3326eb01a34b4ff955232abaf0c9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d0e17cb55844e78f9d507afd6a371debc8f0cd4a103d39abf7d7ca411ac7730
9d10843b73211d37c1e21416b91114de626394eec8fdfd3ee51ad4de8de89107
9ee8311c6df5503772b2b015688457defeae78a6ef45a76772218cb90cfa328c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a34bc6bcfdeda323b647255424315cb1a7400f965cbb4f6864e5b3df47b1b4f3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
a82c1864ebd3cfc86e785a29c20c4789b97741489708855879c536e4b0eb4ec0
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04e246b3400d83014103bb90d550aa4aaaac9b2b9149a7776aad481b4a0bc0e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b903a1dd4ba4cffdd671974e77e54f6eefd21ab204e608db6db3f31dff94cc2c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9338391e8fd82b612d7b68d8b3957b335090b5d94ef80df781105f1a706e1f
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
c1f38a49aecd4f9150de122e53752ff02a0dcbd3ad77622910d92d2bb7241059
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c281392bbeb49373e180f1771f8e3602f6533bf3408764ef92c265dea7559fcf
c3e473d479b570c98cb31c0e98bb2d7ae6284dbfd0e2631bfa4718b9157fdf8d
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87
caed76943fefb41aabb648e584b7e14e081e313b50589f0e0059094333840278
cce1dc4c1ad4781f13ea8bb2f581ef93efc570a3873187c8f7b0c35747086334
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06330e9a6badbe4a68a04f6a8d0828f49220ece27c8a79f387d7f30bbf93e87
d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633
d4023fca92120582334895b2da126f64e5412bbc8c7a8a224c2b101cd162003c
d62f6c51db1ae7cb872a1818cb872a86f36a575ecd08a955120781e8f15f663f
d6e54daf3fc1d4874fc8ae407337f1f751818bc85cac0958d3513ff984496adf
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
dd95d6a50c1ce65fdb92bc63c64046981f475f5913d423a938b127f0a98e8d60
df6e23d546a72a6bbeb1524b4575313b23b2579406be74b3ac8475e21c8e9dec
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfac583f9f25785f1b66ad99a4c016f2ddbfc35e564450a3c21720cd4d915c9e
dfcbba70a0e40168406571fbb3e6d405fb815666225f12ed64fd4a17568587b8
e02a47384455078f7cf6531f23ed0be4ed97da8e56064de52fd8a2d366538bfc
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ec0e03bad7bd027a5722f33d4d0166a6708b91b5a6cd082c823f66aa159f0ed8
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec587886fb7850e267d7d17b2c4611caa8b798b95fbacf7a3a6b77f42c848c65
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ede8dbe92c7c94948ae1e4ff6ac198f8c47f1b8737f60fbed5ecf436cd844f06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
fb26f04ab22a4926f1252a6438dec3be93862ff3bfcc28a3e9da88c4665c5355
fda78dd6d350cd0f3175f0b9f88accd05c1a821199d84b63d9680553d501bc1f
fdc1455627a624444798f838f59a0cb142eb804f4511b2882846e6b0e4fcdcca
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76