URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-re...
Submission: On November 27 via manual from US — Scanned from NZ

Summary

This website contacted 81 IPs in 12 countries across 97 domains to perform 492 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 69712.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 74.125.200.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
2 69.16.175.10 20446 (STACKPATH...)
18 104.26.2.91 13335 (CLOUDFLAR...)
48 142.251.12.157 15169 (GOOGLE)
3 64.120.88.131 133752 (LEASEWEB-...)
19 56 142.251.10.154 15169 (GOOGLE)
2 142.250.4.97 15169 (GOOGLE)
2 172.217.194.138 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
7 142.251.12.154 15169 (GOOGLE)
1 74.125.24.94 15169 (GOOGLE)
5 142.251.10.156 15169 (GOOGLE)
1 20 172.217.194.154 15169 (GOOGLE)
1 13.35.8.85 16509 (AMAZON-02)
3 6 103.229.10.171 16509 (AMAZON-02)
2 182.161.74.19 55569 (CRITEO-AS...)
2 182.161.73.148 55569 (CRITEO-AS...)
31 142.251.10.132 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
7 13 68.67.179.155 29990 (ASN-APPNEX)
1 35.213.117.18 15169 (GOOGLE)
2 52.68.16.50 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
4 54.75.88.22 16509 (AMAZON-02)
1 145.40.89.200 54825 (PACKET)
1 11 35.244.159.8 15169 (GOOGLE)
1 182.161.73.145 55569 (CRITEO-AS...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 13.228.248.223 16509 (AMAZON-02)
1 44.230.16.162 16509 (AMAZON-02)
4 139.99.49.250 16276 (OVH)
3 104.18.33.19 13335 (CLOUDFLAR...)
1 23.50.119.72 16625 (AKAMAI-AS)
1 13.33.33.118 16509 (AMAZON-02)
18 182.161.73.129 55569 (CRITEO-AS...)
2 182.161.73.132 55569 (CRITEO-AS...)
2 34.149.43.113 15169 (GOOGLE)
9 74.125.24.99 15169 (GOOGLE)
3 182.161.73.142 55569 (CRITEO-AS...)
2 52.183.162.69 8075 (MICROSOFT...)
11 142.250.4.148 15169 (GOOGLE)
4 4 103.229.206.240 30419 (MEDIAMATH...)
3 4 34.96.105.8 396982 (GOOGLE-CL...)
8 9 35.213.12.39 15169 (GOOGLE)
4 5 185.84.60.20 198622 (ADFORM)
3 3 34.236.140.33 14618 (AMAZON-AES)
9 21 139.5.84.243 27381 (CASALE-MEDIA)
2 3.104.150.39 16509 (AMAZON-02)
5 8 50.116.239.135 6336 (TURN-US-ASN)
1 3 104.18.24.173 13335 (CLOUDFLAR...)
3 3 35.186.193.173 15169 (GOOGLE)
4 74.125.24.155 15169 (GOOGLE)
6 52.95.128.11 16509 (AMAZON-02)
3 3 35.213.93.179 15169 (GOOGLE)
2 3 77.88.21.90 13238 (YANDEX)
3 182.161.73.136 55569 (CRITEO-AS...)
5 6 15.197.193.217 16509 (AMAZON-02)
1 184.51.240.199 16625 (AKAMAI-AS)
8 23.75.85.227 16625 (AKAMAI-AS)
1 52.84.45.7 16509 (AMAZON-02)
1 172.64.151.162 13335 (CLOUDFLAR...)
3 10 35.71.178.8 16509 (AMAZON-02)
6 23.50.118.44 16625 (AKAMAI-AS)
1 1 124.146.215.44 2514 (INFOSPHER...)
2 2 13.33.88.71 16509 (AMAZON-02)
3 172.64.154.237 13335 (CLOUDFLAR...)
4 4 23.44.27.86 16625 (AKAMAI-AS)
3 184.51.240.213 16625 (AKAMAI-AS)
2 96.17.188.24 ()
2 2 18.136.62.187 ()
1 1 182.161.73.146 55569 (CRITEO-AS...)
2 52.204.4.49 ()
2 2 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.99.194 ()
1 1 23.108.103.8 ()
1 4 52.74.252.98 16509 (AMAZON-02)
2 4 52.46.151.131 ()
1 204.79.197.200 ()
1 35.214.223.115 ()
1 1 34.83.125.63 ()
1 18.139.12.96 16509 (AMAZON-02)
1 104.18.36.94 ()
1 18.177.55.15 ()
1 23.106.127.52 ()
1 13.33.88.48 ()
3 3 52.74.13.196 ()
1 103.231.98.196 ()
492 81
Apex Domain
Subdomains
Transfer
85 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
5fb543f625ea1e3be246c7c2fc8e6709.safeframe.googlesyndication.com
305ead8bb9e1fc2af0134cdb4ec9593a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
856 KB
72 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356
596 KB
27 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 689
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562
dsum.casalemedia.com
26 KB
21 criteo.net
static.criteo.net — Cisco Umbrella Rank: 590
csm.as.criteo.net — Cisco Umbrella Rank: 8601
217 KB
19 bg3.co
www.bg3.co — Cisco Umbrella Rank: 69712
static.bg3.co
14 KB
16 google.com
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
5 KB
15 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1272
fastlane.rubiconproject.com — Cisco Umbrella Rank: 607
eus.rubiconproject.com — Cisco Umbrella Rank: 735
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1243
token.rubiconproject.com Failed
pixel.rubiconproject.com Failed
pixel-us-east.rubiconproject.com Failed
36 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15271
e3.adpushup.com — Cisco Umbrella Rank: 16583
campaign.adpushup.com — Cisco Umbrella Rank: 33276
aplogger.adpushup.com — Cisco Umbrella Rank: 17520
235 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 276
acdn.adnxs.com — Cisco Umbrella Rank: 764
secure.adnxs.com Failed
29 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 332
346 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 806
eb2.3lift.com — Cisco Umbrella Rank: 472
5 KB
11 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 15958
u.openx.net — Cisco Umbrella Rank: 978
us-u.openx.net — Cisco Umbrella Rank: 585
jp-u.openx.net — Cisco Umbrella Rank: 5662
3 KB
11 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 10929
ads.as.criteo.com — Cisco Umbrella Rank: 8457
bidder.criteo.com — Cisco Umbrella Rank: 814
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 8881
gum.criteo.com — Cisco Umbrella Rank: 434
dis.criteo.com — Cisco Umbrella Rank: 786
33 KB
10 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1363
x.bidswitch.net — Cisco Umbrella Rank: 381
6 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 370
217 KB
9 media.net
prebid.media.net — Cisco Umbrella Rank: 1747
contextual.media.net — Cisco Umbrella Rank: 638
cs.media.net
16 KB
8 turn.com
ad.turn.com — Cisco Umbrella Rank: 1083
r.turn.com — Cisco Umbrella Rank: 4504
3 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 576
ups.analytics.yahoo.com
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 454
3 KB
6 amazonaws.com
s3-ap-southeast-2.amazonaws.com
59 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1294
pixel.quantserve.com — Cisco Umbrella Rank: 908
cms.quantserve.com — Cisco Umbrella Rank: 956
12 KB
6 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 103261
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 22678
sync.aralego.com — Cisco Umbrella Rank: 3989
4 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 865
3 KB
5 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2669
public.servenobid.com — Cisco Umbrella Rank: 4760
6 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
236 KB
4 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
2 KB
4 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 635
image6.pubmatic.com
image8.pubmatic.com Failed
simage2.pubmatic.com Failed
image2.pubmatic.com Failed
image4.pubmatic.com Failed
20 KB
4 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2702
205 B
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 602
3 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 983
3 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8087
46 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3936
980 B
3 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3093
1 KB
3 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5290
687 B
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1168
s.tribalfusion.com — Cisco Umbrella Rank: 2651
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1021
1 KB
2 adsymptotic.com
p.adsymptotic.com
479 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 563
1 KB
2 emxdgt.com
cs.emxdgt.com
133 B
2 w55c.net
pm.w55c.net
2 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 16356
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 888
cdn.indexww.com
2 KB
2 adtrek.co
www.adtrek.co — Cisco Umbrella Rank: 129083
19 KB
2 doubleverify.com
tps.doubleverify.com — Cisco Umbrella Rank: 569
314 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 961
770 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
502 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 839
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 19192
10 KB
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com
cs.minutemedia-prebid.com Failed
5 KB
1 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com Failed
1 KB
1 gumgum.com
g2.gumgum.com
usersync.gumgum.com Failed
2 KB
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1728
181 B
1 simpli.fi
um.simpli.fi
626 B
1 loopme.me
csync.loopme.me
40 B
1 bing.com
c.bing.com
667 B
1 admixer.net
inv-nets.admixer.net
586 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1060
849 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
634 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1468
502 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3986
visitor.omnitagjs.com Failed
518 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1193
167 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 467
2 KB
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 417976
1 KB
1 ampproject.net
d-1838737222392901985.ampproject.net
0 googleapis.com Failed
fonts.googleapis.com Failed
0 rlcdn.com Failed
idsync.rlcdn.com Failed
id.rlcdn.com Failed
0 ambientdsp.com Failed
cm.ambientdsp.com Failed
0 e-planning.net Failed
ads.us.e-planning.net Failed
0 bfmio.com Failed
sync.bfmio.com Failed
0 krushmedia.com Failed
cs.krushmedia.com Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
0 lijit.com Failed
ap.lijit.com Failed
0 yieldmo.com Failed
ads.yieldmo.com Failed
0 33across.com Failed
ssc-cms.33across.com Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 inmobi.com Failed
sync.inmobi.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 clientgear.com Failed
event.clientgear.com Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
492 97
Domain Requested by
48 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
googleads.g.doubleclick.net
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
46 cm.g.doubleclick.net 19 redirects googleads.g.doubleclick.net
www.bg3.co
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
g2.gumgum.com
31 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
21 dsum-sec.casalemedia.com 9 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
18 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
18 static.bg3.co www.bg3.co
13 ib.adnxs.com 7 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
ads.pubmatic.com
12 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
cdn.ampproject.org
www.bg3.co
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
11 s0.2mdn.net static.criteo.net
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
www.bg3.co
www.adtrek.co
s0.2mdn.net
10 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
cs-rtb.minutemedia-prebid.com
10 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 x.bidswitch.net 8 redirects www.bg3.co
cs-rtb.minutemedia-prebid.com
9 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
8 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
7 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
7 e3.adpushup.com www.bg3.co
6 contextual.media.net cdn.adpushup.com
contextual.media.net
6 match.adsrvr.org 5 redirects cdn.adpushup.com
6 s3-ap-southeast-2.amazonaws.com www.adtrek.co
s3-ap-southeast-2.amazonaws.com
www.bg3.co
6 adservice.google.co.nz securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 ad.turn.com 5 redirects
5 c1.adform.net 4 redirects ads.pubmatic.com
5 www.googletagservices.com googleads.g.doubleclick.net
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
www.bg3.co
4 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
4 secure-assets.rubiconproject.com 4 redirects
4 us-u.openx.net 1 redirects u.openx.net
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.bg3.co
4 cms.quantserve.com 3 redirects 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
4 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 tr.blismedia.com 3 redirects googleads.g.doubleclick.net
4 sync.mathtag.com 4 redirects
4 onetag-sys.com cdn.adpushup.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
4 adpushup-d.openx.net cdn.adpushup.com
4 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
ssbsync.smartadserver.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ups.analytics.yahoo.com 3 redirects public.servenobid.com
cs-rtb.minutemedia-prebid.com
3 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 an.yandex.ru 2 redirects www.bg3.co
3 a.sportradarserving.com 3 redirects
3 ipac.ctnsnet.com 3 redirects
3 r.turn.com 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
3 sync.srv.stackadapt.com 3 redirects
3 csm.as.criteo.net ads.as.criteo.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 pm.w55c.net 2 redirects
2 cs.media.net contextual.media.net
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 a.tribalfusion.com 1 redirects 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
2 www.adtrek.co 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
www.adtrek.co
2 aplogger.adpushup.com cdn.adpushup.com
2 tps.doubleverify.com ads.as.criteo.com
2 cat.sg1.as.criteo.com ads.as.criteo.com
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 ads.as.criteo.com googleads.g.doubleclick.net
2 rtb.jp2.as.criteo.com www.bg3.co
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 image6.pubmatic.com ads.pubmatic.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
1 g2.gumgum.com public.servenobid.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 um.simpli.fi 1 redirects
1 csync.loopme.me ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 inv-nets.admixer.net 1 redirects
1 dis.criteo.com 1 redirects
1 tg.socdm.com 1 redirects
1 u.openx.net cdn.adpushup.com
cs-rtb.minutemedia-prebid.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 s.tribalfusion.com 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 a.teads.tv cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.a-mo.net cdn.adpushup.com
cs-rtb.minutemedia-prebid.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 adx.holmesmind.com pagead2.googlesyndication.com
1 305ead8bb9e1fc2af0134cdb4ec9593a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 5fb543f625ea1e3be246c7c2fc8e6709.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-1838737222392901985.ampproject.net cdn.ampproject.org
1 campaign.adpushup.com www.bg3.co
1 www.bg3.co
0 rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com
0 id.rlcdn.com Failed ssbsync.smartadserver.com
0 fonts.googleapis.com Failed s3-ap-southeast-2.amazonaws.com
0 image4.pubmatic.com Failed ads.pubmatic.com
0 idsync.rlcdn.com Failed ads.pubmatic.com
0 image2.pubmatic.com Failed ads.pubmatic.com
0 cm.ambientdsp.com Failed ads.pubmatic.com
0 simage2.pubmatic.com Failed ads.pubmatic.com
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 ads.us.e-planning.net Failed cs-rtb.minutemedia-prebid.com
0 image8.pubmatic.com Failed cs-rtb.minutemedia-prebid.com
0 sync.bfmio.com Failed cs-rtb.minutemedia-prebid.com
0 cs.krushmedia.com Failed cs-rtb.minutemedia-prebid.com
0 ads.betweendigital.com Failed cs-rtb.minutemedia-prebid.com
0 match.sharethrough.com Failed cs-rtb.minutemedia-prebid.com
0 cs.iqzone.com Failed cs-rtb.minutemedia-prebid.com
0 ap.lijit.com Failed cs-rtb.minutemedia-prebid.com
0 ads.yieldmo.com Failed cs-rtb.minutemedia-prebid.com
0 visitor.omnitagjs.com Failed cs-rtb.minutemedia-prebid.com
0 ssc-cms.33across.com Failed cs-rtb.minutemedia-prebid.com
0 cs.minutemedia-prebid.com Failed cs-rtb.minutemedia-prebid.com
0 creativecdn.com Failed g2.gumgum.com
0 cs.admanmedia.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 sync-tm.everesttech.net Failed g2.gumgum.com
ads.pubmatic.com
ssbsync.smartadserver.com
0 sync.inmobi.com Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 match.deepintent.com Failed g2.gumgum.com
0 sync.technoratimedia.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 bh.contextweb.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 sync.1rx.io Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 usersync.gumgum.com Failed g2.gumgum.com
0 event.clientgear.com Failed g2.gumgum.com
0 secure.adnxs.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
ssbsync.smartadserver.com
0 dpm.demdex.net Failed ssum-sec.casalemedia.com
0 b1sync.zemanta.com Failed ssum-sec.casalemedia.com
g2.gumgum.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 pixel.rubiconproject.com Failed www.bg3.co
eus.rubiconproject.com
0 token.rubiconproject.com Failed www.bg3.co
0 ssp.disqus.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
0 sync.go.sonobi.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
0 rtb.mfadsrvr.com Failed contextual.media.net
cs-rtb.minutemedia-prebid.com
0 stags.bluekai.com Failed contextual.media.net
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
492 152

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2
2022-05-20 -
2023-06-21
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
cdn.adpushup.com
R3
2022-09-07 -
2022-12-06
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-04-16 -
2023-04-16
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-19 -
2023-11-19
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA
2022-08-02 -
2023-09-02
a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1
2022-02-14 -
2023-03-17
a year crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.co.nz
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2
2022-05-19 -
2023-06-20
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-18 -
2023-01-15
3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-09 -
2023-01-11
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
ads.servenobid.com
Amazon
2022-05-29 -
2023-06-27
a year crt.sh
*.a-mo.net
R3
2022-09-05 -
2022-12-04
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.omnitagjs.com
Amazon
2022-05-17 -
2023-06-15
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
teads.tv
R3
2022-10-27 -
2023-01-25
3 months crt.sh
quantserve.com
R3
2022-11-11 -
2023-02-09
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-11-08 -
2023-02-04
3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-10 -
2023-01-10
3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2022-09-28 -
2023-10-30
a year crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-11-12 -
2023-02-10
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
tr.blismedia.com
GTS CA 1D4
2022-10-16 -
2023-01-14
3 months crt.sh
www.adtrek.co
Amazon
2022-10-22 -
2023-11-20
a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon
2022-09-21 -
2023-09-05
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2022-10-21 -
2023-10-22
a year crt.sh
*.servenobid.com
Amazon
2022-02-06 -
2023-03-07
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
*.emxdgt.com
Amazon
2022-06-03 -
2023-07-02
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2022-11-25 -
2023-05-25
6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
loopme.com
R3
2022-11-25 -
2023-02-23
3 months crt.sh
d.adroll.com
Amazon RSA 2048 M02
2022-11-08 -
2023-12-07
a year crt.sh
*.gumgum.com
Amazon
2022-05-06 -
2023-06-04
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.minutemedia-prebid.com
Amazon
2022-05-31 -
2023-06-29
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh

This page contains 84 frames:

Primary Page: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Frame ID: 48927975A8524B2A86DF04FA5C8ABE22
Requests: 96 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 58A39C5B2B364FF84EF354C81DC2C455
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: A67AD0681AA97F05A6BBAB58DE3C4D28
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 0F4688E11DA3B1B2635600100DEDE8D0
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 485D2898002CF97336119A6F938CE45B
Requests: 9 HTTP requests in this frame

Frame: https://5fb543f625ea1e3be246c7c2fc8e6709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B3377A69CCAFC5922A00A9BBBD0E985E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669508237&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508235944&bpp=13&bdt=1919&idt=1637&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=4799427792427&frm=23&ife=1&pv=2&ga_vid=1852690037.1669508238&ga_sid=1669508238&ga_hid=2099637927&ga_fc=0&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1034371593&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44773614%2C31070924&oid=2&pvsid=1713591695959193&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4qyhgm4asang&fsb=1&dtd=1655
Frame ID: E638A1EF2207A4BEDB8E586FA76DC41F
Requests: 1 HTTP requests in this frame

Frame: https://305ead8bb9e1fc2af0134cdb4ec9593a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6FFEA30D98396547AB0D4B524983A357
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Frame ID: 4B4C4A4BF538BDAE14DC502DD8CEBDA4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-17292836151146314371&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3093&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=703336000288&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw&ga_hid=288&dt=1669508237358&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&bdt=4961&dtd=706&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 703FD7E8CBD32C1B2C5860795BB57075
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C5o8RjqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEmwJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx6PDzcPHn4lv9W0PPBYqitjKm25UMDnKV9WQxlFJA2U9WFmXQa5KgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=PgDnjrhJjm4&uach_m=[UACH]&cid=CAQSGwDq26N9RYgAb91iYfOe9wBYyeV3a5fAfKV57xgBIBM
Frame ID: C18EC68DCFBCC17A0734D50D7DA0E62A
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 42B34B2299B26B5C8E08F0CEB3E618C4
Requests: 11 HTTP requests in this frame

Frame: https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
Frame ID: 5CEADEF843032762158C3F80D86FB4CD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 032339C78BB35977AAFE6A400BCC6E79
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EB5754C7AC3A45BCA03DB28EE91FD90C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F13A050211283FB0893DC03A9F67A82C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C9A8ABBE1F7CE18BA7B4F872416E525C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
Frame ID: 522F2C1248C66EA85A5CD445AAF9259D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CewyikKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS3AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axsJhDxOMxOxavRuIk6ny2zku7T_Mik64_KrsDLyG4j6YsbVQBVn0YAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=EriqVTteMws&uach_m=[UACH]&cid=CAQSKQDq26N9z6vo7O-9wEju2GKz1z_Wh8PGh8fDHaHn4iCntsFfF_s4-Zy6GAEgEw
Frame ID: DC783C752B76E718D5EDC747EC13AEFB
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 5982584D1A2668EC8543AD7064262D51
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8A8142F132204085A183DD8CDD292BCD
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
Frame ID: DEEFE07355701EDEAC706B76A319A36C
Requests: 3 HTTP requests in this frame

Frame: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D7160A76B8038C0B279D8CD5C8575959
Requests: 1 HTTP requests in this frame

Frame: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6182EF4AB1C5C6825F44E03A909CDA56
Requests: 10 HTTP requests in this frame

Frame: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F4D59F629FA3624F6233AD243A4F232F
Requests: 15 HTTP requests in this frame

Frame: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 97D6D04DB0AEF0844C25E234F2B49AF5
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A16F436C63B9282D01632057FC1A635F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 39D271077708873714AF5F0EF17F06D6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNX0RMkMtwkmDbJ5Ba8XZbOMmja_qJSkg2Z4lbPIZifVBxabVyF-kYHAGoZ-XrwHoAXB7wV4-qJ7f_VtLMcHPMpd8iL_dQ
Frame ID: 1460ECCFD50A0F5F2480DB2EF80B4C65
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIzeRBCm8U8YlImP2gEwAQ&v=APEucNUW4VDXYSSky7--orhyhW6Qs4DR3rPrbnOugeex2icBKyocPireEY-slXsshvStNvdsYaLy34iLJTkB1r6UnBMV_QM0Jw
Frame ID: 814B6DF19233C631C5823582E474BBE6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGIbTltoBMAE&v=APEucNVNL6xJwzOm4J49-zCx9j4YLwnAr5exbPLk9hzmNQh720f03nuMJIz9CH-Y0ev0qJLMcLVtztaVHoryOfJaGR80ISgTTw
Frame ID: E9EE7E5E830FB145EE97333D64A62E0E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0B129F4FC2B2B068879D85FB0DB0EEA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A6D24E97BC6AF606B663A9ACE2011CC4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 11DEC842D0FB3C5FDDA72AB923230A6A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FA15F51753478E05403AE555AA128C83
Requests: 2 HTTP requests in this frame

Frame: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCEy9ckayCY-THONCavQSa9rKwDdKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKqlijH2_WkPqgDAaoE7gFP0NAGsffWgUgIjFgPbdpxz_yNvnYmqO5Hz3Yokpd1P3_qe7eBNz4Mq2tbotg2z1sgeeUnugm1YZLcgFXNyQy9JjTb5QQV-xug5AkEde0v3vE9ungVlFlsbowaMWkr_zeNJE4zS7HKaQ23b7-P6PFLphAE9KtDqKlq-ssK6khGcdsPvpRXciGsB8tbC-mRFEyLi-CjR2I3tSXW4Ajek7-zCYwP1d_dyxwHLTyEY9-6ZXYzCO2XgLAd2MBvjP1uO47dt-2BAASjIkfQCp2HMf0DoQUwSi2X0JVZuBKN3Jq2q_7U3Ne2LANpTiAUBA65wATN78nshgTgBAOQBgGgBk2AB7j91OwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT2-nxEMgTt4yk4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw%26sig%3DAOD64_1aiBbSRAyggsJyvx2IZyxq334Avw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AElV9YGv8kHlif74yCOcwRkTSIs7qkSZJjbwmrm8Wrfxqi4-n9_PlTY3_XnBpsOQDpwozIB8nQTS6HBorQabr2Sfot9D9BE0WAISr-pkd71aDaoYm25MWTnZlq1Jm1-Jl-BV83tgQPljgmyE_rszhY6Rfp02I7dVY0T3RquA2spw5SfIQ%26cry%3D1%26dbm_d%3DAKAmf-C3OQYz_P6yRZFSWsbBGXqV_E9Tcmq2-_FUyh21wq73O2n52RqWB3-pocqftHOxh7WfIPSWbjD07cHJOdntE9DEmNQYkOGpSe32Pn8KxaujUbcKgNAEZegZHBlt-RAbwFdNyCRSqcgaL2MgAUVl22vN80BPg5Jfr8XiiQrauFriuchvjpkv0Y31dufVklMK14dbzw4NQg9gOJucvynfh8bVY5GyAdie11B3BWcBaHX12oP03Wz8a8hYoIdThU6GY0U6G6gLjGzX54hfT3YLpUHblSER7-vDYvUqWXz47W12jXbwj2RjYvpt_GtKfb2cimqB3iLLuAmhDabczx0RH4J5wm0_Z-yLD6RYpX8O7bLlBkhOWmN0nBpbC4jH6z0cq_y0sXUtKcj318bS26V1PMcUWG5BvEZ42iyAOtzgons5lWD7ST7VecFHFSyx4_Ul_1EaVYO5NlaR46lawiWs6MLtIBXJNuTQrAQgkECopB6_PTMMWQnAGAHK6r6v9IwdoNZKz3YVcC1mWTBBJBDygeGkx71pG4TS8oNVfSzLYbsmKvdfq_7ZFsn4vd68vnZUJCenbjvpg5AljkAj8DurHXNXLwX_gXL9-u0Yy6a7fzbVFkvvWvIJIHj7kE2plrmhWOTPCJDxqEQAWpSbF_MtfbWmuQOnxSf9P0nDBaoFJ133pk7je-s%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1669508241926692
Frame ID: F2BDE79C61F5EBB3A367B5FE0A2A27DC
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 44BECDD7A9F10BAFFC8ED8E8908A1C0F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1334218608980B861B33137CC40147C0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E3FFA03AF2598D5BA1E523B7C2473A37
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20E256EA2C2F46A363D65F4D79F6B2EE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 700AB15AB7DFBF69DCA72CC3171194F7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7D2BD714747208F260CD8135DC18624A
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D7BA05CDFFAFEDB6E58D86A98FC31625
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 51013E0929BFCCAB3AA35654B349CC1A
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 0A4639CBFD08626CC9BA4F6F87AEDD81
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9C15320A1715E165A88B56DBF1F4EB88
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: C0924675F39A53ABC941A883C33A3CCF
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: AB53AD298AD4A1B0C4FE6742960C9AAF
Requests: 14 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 56B4D62DA755FDD7C949F41CB473EE87
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669508239788
Frame ID: 0F105FED120085744BFB497A3FA315B6
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/index.html
Frame ID: 2D04CD625B1019F7D82B3F2C1F0FDC01
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F2FD6A0C4BE213A65B9D8904B306E1A9
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: E0273A6D4614D47963F92764B61D09A5
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3125098457444838000V10&type=rkt&refUrl=&vid=95082456093125098457444838000V10&ovsid=1992631737882419638
Frame ID: 4575A9A17E50CB57A75BE1394B339930
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dpba%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3DPM_UID
Frame ID: 6EE411D0579CE0A0C8342C66CB20396E
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 592C72763BD5E1C4BE07DEDC29BE31D2
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 5179B5FE0B35C1FC5F1E817771150053
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 7AA5B5F88131F9D102AA70CEFCE7E5C2
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: AFCCD452016E2475559F05672D12E03D
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: A4BB4E6570617D072AA617674876ED7F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: B0D09BAAFC2C8B14AE0E19CCF8FE895C
Requests: 10 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: AEB98B7CFC93055CBD856A48161ED8BF
Requests: 28 HTTP requests in this frame

Frame: https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: D7E7D68924BDAEB9D093A8E586EE28A1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: E62094B2016E83059EBF2F9F8012AA68
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=34f39761-0016-448c-b60e-9f4dc4c42967
Frame ID: B8F544CF619898F52B0F45B2569FD936
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=88876382-ac92-4300-a95b-e8bf0e6e3a9b&gdpr=0&gdpr_consent=
Frame ID: E92EF08DF5D83C24692CA7E7E317AFE8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 615C1DE89342642EFCFE0B0F528907CC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81MTc1N2ZiMi0zYWE3LTRiYzktYjlmYi0yNjExYjBjNmQ0NWM=&gdpr=0&gdpr_consent=
Frame ID: 20100C693D8751837F82EC851C2D0CA6
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 68B7FE3B488A2A83903A1589D972EFF3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y4Ksl8Co8X8AAGbqL1sAAAAA
Frame ID: A9A00E52347C1127E073DE6C1BD32EC4
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: 091E3987799D5086E383706BCDFE08F6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y4KslD7BCQcDcBfYYZ6kdgAA%264731
Frame ID: 98C701FE2AEAA2AA2B3F53F9102EF0FA
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: 9546B1D536D5EDA84A977B47F85B06C3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: E357B7AC6F55C6E6183C6975B7764403
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: F7330F579BAA2A4396CC5EAB9E776CB2
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Frame ID: 156D987572C7744013F6F2119821741B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 31DD82F930C2283DD9AA6E4DA8177CE4
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=CEB39A7C-DC17-437E-B693-FDD734EFB451&gdpr=0&gdpr_consent=
Frame ID: BEEA847B077E62F541CE236DB8735E72
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:88876382-ac92-4300-a95b-e8bf0e6e3a9b&gdpr=0&gdpr_consent=
Frame ID: 515912B2DA5AC9B999E90F14B2A157EE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 5745BE97FE02C7591E72EE298F054504
Requests: 1 HTTP requests in this frame

Frame: https://cm.ambientdsp.com/cm/send?vc=pmj
Frame ID: ED222ADCD8F40B53AEB9B443B273B1D2
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Frame ID: 01134AF690C9AC6E461DE6CC86262209
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GQlY1k5ZWdYCDVjRTF5N3BwLAYUCCQHUHVmkp0jD
Frame ID: A9BF6EA96B1C960C97899C16C4839A72
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=CEB39A7C-DC17-437E-B693-FDD734EFB451
Frame ID: 28149BC189E3BC179CB3CFBE0728ED30
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

F-16清晨掛彈執行戰備轉場 C-130載送後勤人力、裝備任務 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

492
Requests

66 %
HTTPS

0 %
IPv6

97
Domains

152
Subdomains

81
IPs

12
Countries

3193 kB
Transfer

8775 kB
Size

76
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 83
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1669508237&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508236123&bpp=12&bdt=2080&idt=1705&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=4799427792427&frm=23&ife=1&pv=1&ga_vid=1334962792.1669508238&ga_sid=1669508238&ga_hid=151034749&ga_fc=0&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1308&biw=1600&bih=1200&isw=336&ish=280&ifk=1214197855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44774649%2C42531705%2C44773613%2C44774653%2C44770881%2C44769661&oid=2&pvsid=506911142357986&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.148wtiv9ohb8&btvi=1&fsb=1&dtd=1721 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Request Chain 166
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECtYGHc_6IHYsI20YiLFk60&google_cver=1&google_push=ASkJ3FaA0OlIJXU0KgbYp5PvVUUhxAClmmhyZ2U2-0Xmlp-Yn4M-bAGcEAXhMPzMesfvjVRpkeTOsakupg3HmCXQHP9YaZdubkBoo305W9aATi7DVrJ-pJgPAJgEhSuuLXgwEs9fUEVR2enKK41FdX75FLU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaA0OlIJXU0KgbYp5PvVUUhxAClmmhyZ2U2-0Xmlp-Yn4M-bAGcEAXhMPzMesfvjVRpkeTOsakupg3HmCXQHP9YaZdubkBoo305W9aATi7DVrJ-pJgPAJgEhSuuLXgwEs9fUEVR2enKK41FdX75FLU
Request Chain 168
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1&google_push=ASkJ3FbIfZaNVrdMLOx6ElSp1_gy2p6cbigzeZRz64cpuz-0ELmxdu3b4d9JUEVV_uGxCOFmIM0opdJxZkeKkvqyt2ZXNYds5RHhA21Ac0YXKphQdc37HM2v5c5OJzzspdLyHzurFXql7ssD7lRipfWluc4 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1&google_push=ASkJ3FbIfZaNVrdMLOx6ElSp1_gy2p6cbigzeZRz64cpuz-0ELmxdu3b4d9JUEVV_uGxCOFmIM0opdJxZkeKkvqyt2ZXNYds5RHhA21Ac0YXKphQdc37HM2v5c5OJzzspdLyHzurFXql7ssD7lRipfWluc4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbIfZaNVrdMLOx6ElSp1_gy2p6cbigzeZRz64cpuz-0ELmxdu3b4d9JUEVV_uGxCOFmIM0opdJxZkeKkvqyt2ZXNYds5RHhA21Ac0YXKphQdc37HM2v5c5OJzzspdLyHzurFXql7ssD7lRipfWluc4&google_hm=dmp4glmXSE2v0J9xCFmQMg==
Request Chain 169
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN1hL2FgaCQYh9ralHjbiRY&google_cver=1&google_push=ASkJ3FY2Bj6bejcPh3X93rbdBGvWiOFUY-aijiaNCBMXpyxqhAWwsCXS8MZN53WKULrD8-R-HTF4cCNyHRvJ-VZfdPocS8TkSH8JwVaCYqOpqXQ68mDokZySjUfkE0FAO0TDXZ7Kp7_HNjAjO2Rincroqg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN1hL2FgaCQYh9ralHjbiRY&google_cver=1&google_push=ASkJ3FY2Bj6bejcPh3X93rbdBGvWiOFUY-aijiaNCBMXpyxqhAWwsCXS8MZN53WKULrD8-R-HTF4cCNyHRvJ-VZfdPocS8TkSH8JwVaCYqOpqXQ68mDokZySjUfkE0FAO0TDXZ7Kp7_HNjAjO2Rincroqg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FY2Bj6bejcPh3X93rbdBGvWiOFUY-aijiaNCBMXpyxqhAWwsCXS8MZN53WKULrD8-R-HTF4cCNyHRvJ-VZfdPocS8TkSH8JwVaCYqOpqXQ68mDokZySjUfkE0FAO0TDXZ7Kp7_HNjAjO2Rincroqg
Request Chain 170
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDRG44y_20IXy_kjl1h2i_U&google_cver=1&google_push=ASkJ3FZUXkXcj3iZ8nyQwwh6P5zWVVBfCyVo4iz3XHmkPjg626XwKyyn9Gny5sqa-RVdTicQx9IGGKj-JxlSIrlICZA2Hfbw08p3LIPMNZkJPfG7MH5VXC7wTe-ROSz8iOR3ZKFFIVTdrXAApyvLLZV__ZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dKsCa37UT3F9I8wiSYczX3RaStA&google_push=ASkJ3FZUXkXcj3iZ8nyQwwh6P5zWVVBfCyVo4iz3XHmkPjg626XwKyyn9Gny5sqa-RVdTicQx9IGGKj-JxlSIrlICZA2Hfbw08p3LIPMNZkJPfG7MH5VXC7wTe-ROSz8iOR3ZKFFIVTdrXAApyvLLZV__ZQ
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
Request Chain 230
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4KslJo57fvSpcYSHxVRTQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
Request Chain 232
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
Request Chain 234
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4KslJo57fvSpcYSHxVRTQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
Request Chain 236
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
Request Chain 237
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
Request Chain 238
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4KslBanxDG98KxwJHjnKQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
Request Chain 240
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
Request Chain 249
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1&google_push=ASkJ3FamkYe8VwGy-SGB0ZNPTrVrqZfWBs2icaHleofPTQkGvqbPiS2xPbnpXRsW-7kbORan0QEsJHgPfH5tzs6iWxwebbVY7-w33xg7kYlU1xtwfMC92SR0HG9Ahx86mHQsHXUhc6Rs7J1Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE1MzA5MzQ1NDMzMzE2MjE3Mw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECtYGHc_6IHYsI20YiLFk60&google_cver=1&google_push=ASkJ3FZE_KbvQO6wysoTM4N1E3ZoT82s2zTAt2QOyp7aVazkpXckg21yehQ8h8sgfe69KDXc1THCjer8dGhEhx24oW__kUbABr5LUEfs4DzthSxs3GDCo3EC_k-mijN3gdsbpiytiUWX-BuC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=iIdjgqySQwCpW-i_Dm46mw&google_push=ASkJ3FZE_KbvQO6wysoTM4N1E3ZoT82s2zTAt2QOyp7aVazkpXckg21yehQ8h8sgfe69KDXc1THCjer8dGhEhx24oW__kUbABr5LUEfs4DzthSxs3GDCo3EC_k-mijN3gdsbpiytiUWX-BuC
Request Chain 252
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEC9n_7K2DO3DRZAbzjuUToo&google_cver=1&google_push=ASkJ3FbzT7m712KewbWA7R-4Dma5S2AJw08wWMszrl3Eh20Lw9ZVp6rLF8_3bnLUmUkTY_8oHoB3wuR7yL4yE2Bo0eCCgGLp7HzURK7QiwD4vCO8NxIuLlSekSz5pcnAIUoZd5M2ds8N5qY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FbzT7m712KewbWA7R-4Dma5S2AJw08wWMszrl3Eh20Lw9ZVp6rLF8_3bnLUmUkTY_8oHoB3wuR7yL4yE2Bo0eCCgGLp7HzURK7QiwD4vCO8NxIuLlSekSz5pcnAIUoZd5M2ds8N5qY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC9n_7K2DO3DRZAbzjuUToo&google_cver=1&google_push=ASkJ3FbzT7m712KewbWA7R-4Dma5S2AJw08wWMszrl3Eh20Lw9ZVp6rLF8_3bnLUmUkTY_8oHoB3wuR7yL4yE2Bo0eCCgGLp7HzURK7QiwD4vCO8NxIuLlSekSz5pcnAIUoZd5M2ds8N5qY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FbzT7m712KewbWA7R-4Dma5S2AJw08wWMszrl3Eh20Lw9ZVp6rLF8_3bnLUmUkTY_8oHoB3wuR7yL4yE2Bo0eCCgGLp7HzURK7QiwD4vCO8NxIuLlSekSz5pcnAIUoZd5M2ds8N5qY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 253
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEB7TxgM6e_zilxjcmi7UpLg&google_cver=1&google_push=ASkJ3FZXs903WV-aLQ5WFlTz89bXJNxl68129cRgcvS2abaRaFz4eKSvQhFovF5040i6BJ-ls9akukCnbw5BlAtGL51oJkVGzy1nRut6qsVIHxuoIFcLVsL6YYwcpThOBYWT5d29pMP-hGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FZXs903WV-aLQ5WFlTz89bXJNxl68129cRgcvS2abaRaFz4eKSvQhFovF5040i6BJ-ls9akukCnbw5BlAtGL51oJkVGzy1nRut6qsVIHxuoIFcLVsL6YYwcpThOBYWT5d29pMP-hGc&google_hm=3mLovL-3QSqP9jWXgFr0OdA
Request Chain 254
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEInWfTGwXEmipSHJKZ3gwV8&google_cver=1&google_push=ASkJ3FbfMUpu2D0RL8_vRGMmeB7zBMNlZwSxar0DAnna-xj0HQ9fix8DV1UnZQVSkFHsGf-9V-J2nRzQ-EOUM5Dv1q9NhOd5k8kv5jkCRfRP4FoYbo18vZRAy_1u4s5KjllH2WA59lQDOUxP HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FbfMUpu2D0RL8_vRGMmeB7zBMNlZwSxar0DAnna-xj0HQ9fix8DV1UnZQVSkFHsGf-9V-J2nRzQ-EOUM5Dv1q9NhOd5k8kv5jkCRfRP4FoYbo18vZRAy_1u4s5KjllH2WA59lQDOUxP&google_hm=hmOCrJFvqI6kCRGi8g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6382AC916FA88EA40911A2F2BLIS
Request Chain 255
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN1hL2FgaCQYh9ralHjbiRY&google_cver=1&google_push=ASkJ3FaykTM6Pc0lk6_jIqK0WOVPhxnnlBpTsVizUFJOQPG_heJY3cb1YyxT3KJfYx61Xoe_B5EW2QsaUTnIQTzifhJvVNybSbSRTOqrD-G_4i5Hq7mXkO-QUCtqar4yU3PvsyLNpkFO90U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FaykTM6Pc0lk6_jIqK0WOVPhxnnlBpTsVizUFJOQPG_heJY3cb1YyxT3KJfYx61Xoe_B5EW2QsaUTnIQTzifhJvVNybSbSRTOqrD-G_4i5Hq7mXkO-QUCtqar4yU3PvsyLNpkFO90U
Request Chain 277
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1&google_push=ASkJ3FaT_NDn32pUAB8XfV1rmuhGkTDQPdDQmDLO3KkTgWlOT_CM0Nh3zw1-Q314BF1A2capa9yFBklm5uWYyP2ErvQa-acdvM8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkwMjkwMzA5NDA3MjUyMTQwNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
Request Chain 278
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMxjY1bPZj3Hh1on1Mk1Hx4&google_cver=1&google_push=ASkJ3FZrepsTAraMGygH5CRGBxzP44LVA9gjZFXKZhKG5kVswo6LuCP_KeiaCKNUM7MXZIfPQTou-t41pACsXNhPUB4sFY0n7so HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZrepsTAraMGygH5CRGBxzP44LVA9gjZFXKZhKG5kVswo6LuCP_KeiaCKNUM7MXZIfPQTou-t41pACsXNhPUB4sFY0n7so&google_hm=8Fn3ZZHkEC-swn2AwXAQKQ
Request Chain 280
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEB7TxgM6e_zilxjcmi7UpLg&google_cver=1&google_push=ASkJ3FbWODUFgX_Inc5PR9Z7bWUajT2diqzkQRDemxI_CvNmGA5aqbllNzd8cXk7VZjBQKgrJsiBbeG5_riz7NH91sTvhB3hKY8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FbWODUFgX_Inc5PR9Z7bWUajT2diqzkQRDemxI_CvNmGA5aqbllNzd8cXk7VZjBQKgrJsiBbeG5_riz7NH91sTvhB3hKY8&google_hm=3mLovL-3QSqP9jWXgFr0OdA
Request Chain 281
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEInWfTGwXEmipSHJKZ3gwV8&google_cver=1&google_push=ASkJ3FYvAmpwXCqyMyDJlTPgteaLvGXQDSa3_Z_xoE4PXyZOUz4mPgKRD60O4iIArpe_iORL65AVdSS10Z0HeAeFZWxQNjxiRzP2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FYvAmpwXCqyMyDJlTPgteaLvGXQDSa3_Z_xoE4PXyZOUz4mPgKRD60O4iIArpe_iORL65AVdSS10Z0HeAeFZWxQNjxiRzP2&google_hm=hmOCrJFvqI6kCRGi8g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6382AC916FA88EA40911A2F2BLIS
Request Chain 282
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1&google_push=ASkJ3Fbh3xFuRlg8lv7zeZKAbkdZ31ZaUV1hYsXTiIvsPFX66jC7xtRAq7o07bqUENBWPUVXhXaBE4_vEiwFtqApN3ec8dFu_129 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=12d9ff6d-e790-4973-804e-ab42b3396025&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=dmp4glmXSE2v0J9xCFmQMg== HTTP 302
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1
Request Chain 283
  • https://an.yandex.ru/mapuid/google/CAESEP8a5uwyyxVZPXzB7t_hn84?ext-param=ASkJ3FYxGJoo27g5aCQKDr7M-r9atsFonHxogPA70-qYnBLGo2uzCRFKOLgNYC5EY3rU5EBqmzUdT3OGOegUZLG0ZD3CxvhIIHkYpw&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEP8a5uwyyxVZPXzB7t_hn84?redir-setuniq=1&ext-param=ASkJ3FYxGJoo27g5aCQKDr7M-r9atsFonHxogPA70-qYnBLGo2uzCRFKOLgNYC5EY3rU5EBqmzUdT3OGOegUZLG0ZD3CxvhIIHkYpw&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEP8a5uwyyxVZPXzB7t_hn84&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 287
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1&google_push=ASkJ3FbE9VQ36bS-M3tQyHLbQCUCDnFtZA-jmVr5Ha3fC6qzzYJO9D-PMPtdyOh0UrrSeyXfMG1Kh0CImh1DhAWCL8mf9h57WYP09GzxlhfuH16yXosXiCJZPf9W-0IFcGHvBkPR2kQRSuOv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUzNzAyNTMyMjU2NjQ5Njk1Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
Request Chain 288
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMxjY1bPZj3Hh1on1Mk1Hx4&google_cver=1&google_push=ASkJ3FYfFKzNYIsmCM_flY4Ed1yFWiNljms7kyEO_tOEmlDa2vdLq7PC_wESETSK6_aMcjF3Q_GnHUk6UDfRpWVa-MCLpEQuHaBgN9qHORGPfYDjMJvJJbsCF8WANV9n6-7wYiUcjP9xfSmy HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYfFKzNYIsmCM_flY4Ed1yFWiNljms7kyEO_tOEmlDa2vdLq7PC_wESETSK6_aMcjF3Q_GnHUk6UDfRpWVa-MCLpEQuHaBgN9qHORGPfYDjMJvJJbsCF8WANV9n6-7wYiUcjP9xfSmy&google_hm=8Fn3ZZHkEC-swn2AwXAQKQ
Request Chain 289
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEB7TxgM6e_zilxjcmi7UpLg&google_cver=1&google_push=ASkJ3Fbu3C1lThvaoXhYDqDZvLRUPdBfBgSVT_qmTKArDuBWxNip1HDaYYSKPXeRGUjXuNhUoX_C2Yd-JB7Xf9DZDZsVOkkQVaq6ytoLu2lhrChiaatdP5FKufrR0y-NnFp3dPbMb0KzGN8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3Fbu3C1lThvaoXhYDqDZvLRUPdBfBgSVT_qmTKArDuBWxNip1HDaYYSKPXeRGUjXuNhUoX_C2Yd-JB7Xf9DZDZsVOkkQVaq6ytoLu2lhrChiaatdP5FKufrR0y-NnFp3dPbMb0KzGN8Q&google_hm=3mLovL-3QSqP9jWXgFr0OdA
Request Chain 290
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEInWfTGwXEmipSHJKZ3gwV8&google_cver=1&google_push=ASkJ3FY5Go0LIcoUH0a4yOCCjZEQn07g6GobPvXbYauMgJW2MzP2jglOzVj8mwRh2WvsxNgj8admd6IHCtUObteh6fCWBvyUu9QqlSJfjFtfyMeeh3IJy9A1vyLcdffpmTGYHomHfeYM0WA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FY5Go0LIcoUH0a4yOCCjZEQn07g6GobPvXbYauMgJW2MzP2jglOzVj8mwRh2WvsxNgj8admd6IHCtUObteh6fCWBvyUu9QqlSJfjFtfyMeeh3IJy9A1vyLcdffpmTGYHomHfeYM0WA&google_hm=hmOCrJFvqI6kCRGi8g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6382AC916FA88EA40911A2F2BLIS
Request Chain 291
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1&google_push=ASkJ3FYBL8o6KggpQ7txKvsUXXCbHd9xW5ZCbM12PfK7MrK8qhqLMoVr7JeFBAeTwWadCZfZknE2Jta32QppEm54Gm7OrHopuwb3UW5jHNLtVTlElO_XiL64P-kP7PG24MA-5Y9A4w5ePko HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=0&user_id=&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYBL8o6KggpQ7txKvsUXXCbHd9xW5ZCbM12PfK7MrK8qhqLMoVr7JeFBAeTwWadCZfZknE2Jta32QppEm54Gm7OrHopuwb3UW5jHNLtVTlElO_XiL64P-kP7PG24MA-5Y9A4w5ePko&google_hm=dmp4glmXSE2v0J9xCFmQMg==
Request Chain 292
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN1hL2FgaCQYh9ralHjbiRY&google_cver=1&google_push=ASkJ3FbtTNdTXjeURPaq5CJ1JEvzakcBPDLgkrreywKeZcfrvVRrB7PxejGGtls-T0pSeAsTYtofLlH_e7AedmpEocspTMGwD87r10290XkTkuxAVhbtXSRf3Zh0GrNtnV7xHKnJWD7oN9Yr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FbtTNdTXjeURPaq5CJ1JEvzakcBPDLgkrreywKeZcfrvVRrB7PxejGGtls-T0pSeAsTYtofLlH_e7AedmpEocspTMGwD87r10290XkTkuxAVhbtXSRf3Zh0GrNtnV7xHKnJWD7oN9Yr
Request Chain 293
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDRG44y_20IXy_kjl1h2i_U&google_cver=1&google_push=ASkJ3FYS1AangmDInC73T2_CZq2-EzFphKqnVyj1pg_h3yU6EBteWwrm4yf-6pfcsVWyG4xeiLHqGsJTEh9Xms2fHbAVY5ENL-WTak54uUlFP6MXt7jj2SjSWFc-H-JZQ1GgWCAeRqjONBox HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dKsCa37UT3F9I8wiSYczX3RaStA&google_push=ASkJ3FYS1AangmDInC73T2_CZq2-EzFphKqnVyj1pg_h3yU6EBteWwrm4yf-6pfcsVWyG4xeiLHqGsJTEh9Xms2fHbAVY5ENL-WTak54uUlFP6MXt7jj2SjSWFc-H-JZQ1GgWCAeRqjONBox
Request Chain 307
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 314
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4537025322566496957&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 315
  • https://match.adsrvr.org/track/cmf/openx?oxid=7bd80c90-60af-79ef-d905-f8ba2697a2eb&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=7bd80c90-60af-79ef-d905-f8ba2697a2eb&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=34f39761-0016-448c-b60e-9f4dc4c42967&ttd_puid=7bd80c90-60af-79ef-d905-f8ba2697a2eb&gdpr=0&gdpr_consent=
Request Chain 316
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4KslcCo8X8AAGbqLtAAAAAA
Request Chain 317
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbOaAJMOpLIDks8ADxwUvgT3p88AAAGEtnIpzQ
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEHq-THlu7XoZHrrYV7r2Ag&google_cver=1
Request Chain 332
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 333
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Drkt%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3125098457444838000V10&type=rkt&refUrl=&vid=95082456093125098457444838000V10&ovsid=1992631737882419638
Request Chain 335
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dapx%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=apx&refUrl=&vid=95082456093125098457444838000V10&ovsid=6028598553993587893
Request Chain 336
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dopx%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3125098457444838000V10&type=opx&refUrl=&vid=95082456093125098457444838000V10&ovsid=b3f4650f-cbaf-430f-ba4a-86d494783037
Request Chain 337
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dmma%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=mma&refUrl=&vid=95082456093125098457444838000V10&ovsid=88876382-ac92-4300-a95b-e8bf0e6e3a9b
Request Chain 338
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dr1%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dr1%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3D%5BRX_UUID%5D&cb=1669508246442 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2991982393 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/34f39761-0016-448c-b60e-9f4dc4c42967 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dr1%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3DRX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzEyNTA5ODQ1NzQ0NDgzODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBVW14DEv0x37uikZKCDo1k&google_cver=1
Request Chain 340
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Ddxu%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Ddxu%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=dxu&refUrl=&vid=95082456093125098457444838000V10&ovsid=Exll8OJB1OZ5mm5
Request Chain 341
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=686e4297-e1e2-4509-a07f-f4d02f5b052c
Request Chain 342
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D766a7882-5997-484d-afd0-9f7108599032&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=88876382-ac92-4300-a95b-e8bf0e6e3a9b&expires=30&ssp=medianet&bsw_param=766a7882-5997-484d-afd0-9f7108599032&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=766a7882-5997-484d-afd0-9f7108599032&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 343
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dzem%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=KW_4f8o0NfAuw9VHYLAV&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKLK5PTIZRYN4YE4ZSBOV3TSVSILFGECVRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4TKMBYGI2DKNRQHEZTCMRVGA4TQNBVG42DINBYGM4DAMBQKYYTAJTWONUWIPJTGEZDKMBZHA2DKNZUGQ2DQMZYGAYDAVRRGA
Request Chain 346
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=34f39761-0016-448c-b60e-9f4dc4c42967
Request Chain 347
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=34f39761-0016-448c-b60e-9f4dc4c42967&dongle=0cfd
Request Chain 348
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgyNjY3MTUzNDM3MDg2NTk3NDU3OA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE4C4b5xasibsEgom55J6Wk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 350
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgyNjY3MTUzNDM3MDg2NTk3NDU3OA%3D%3D
Request Chain 351
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2826671534370865974578&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2826671534370865974578&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2887543e-caf6-4b8e-85d8-e39181454466&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2887543e-caf6-4b8e-85d8-e39181454466&_noobservation=1&_expected_cookie=3173b257346f719e852e9b06547be3b6
Request Chain 352
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2826671534370865974578&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3D766a7882-5997-484d-afd0-9f7108599032%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=8e054f76e85c43faa01ab42d082b97bc&ssp=triplelift&bsw_param=766a7882-5997-484d-afd0-9f7108599032&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=766a7882-5997-484d-afd0-9f7108599032&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 353
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2826671534370865974578?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-2hszZpJE2oQnfQkJhVuBjM_9AqH1kY5r0tfXbTUdFQ--~A&dongle=0883
Request Chain 354
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2826671534370865974578 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2826671534370865974578&dcc=t
Request Chain 356
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6028598553993587893&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH99jElH_W7YKFZnLZEzZnA&google_cver=1
Request Chain 359
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB&dcc=t
Request Chain 360
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=34f39761-0016-448c-b60e-9f4dc4c42967&expiration=1672100245&gdpr=0&gdpr_consent=
Request Chain 363
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DE657C3EC0754347B9A8AB4FAA85442D
Request Chain 364
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=dKsCa37UT3F9I8wiSYczX3RaStA
Request Chain 374
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 377
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6028598553993587893
Request Chain 378
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Ft-xCRZHUN4W9OsERWOmjoI9
Request Chain 379
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=Ft-xELZHekBFlomqQtSF_SWP
Request Chain 380
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1669508246442 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4514317990 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/34f39761-0016-448c-b60e-9f4dc4c42967 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dr1%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3DRX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004
Request Chain 381
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1992631737882419639
Request Chain 383
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3463%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Da5167e1d-5a07-4d0b-a2a6-1400ad32ab5b%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/3463?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=a5167e1d-5a07-4d0b-a2a6-1400ad32ab5b&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=6028598553993587893 HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3463%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Da5167e1d-5a07-4d0b-a2a6-1400ad32ab5b%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 384
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-gWfhomBE2uGvoM92BP2PjNH8SsQYSDeuOiXRCMw-~A
Request Chain 388
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEpW-327IADFvdQfsNZUXLU&google_cver=1
Request Chain 394
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=34f39761-0016-448c-b60e-9f4dc4c42967&gdpr=0&gdpr_consent=&expires=30
Request Chain 395
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6028598553993587893
Request Chain 396
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB
Request Chain 397
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=88876382-ac92-4300-a95b-e8bf0e6e3a9b
Request Chain 398
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4537025322566496957
Request Chain 399
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BQN9OlJTfDoeB309UFRoMAABJGkeAyQ4AVMjCKZP
Request Chain 401
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6028598553993587893
Request Chain 410
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_51757fb2-3aa7-4bc9-b9fb-2611b0c6d45c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=766a7882-5997-484d-afd0-9f7108599032
Request Chain 411
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-74ab026b-7ed4-4f71-7d23-cc224987335f$ip$116.90.74.208
Request Chain 413
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2608643581 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/34f39761-0016-448c-b60e-9f4dc4c42967
Request Chain 416
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=8ce5a8e0-48ba-41b9-be7e-e857eec7a3ad
Request Chain 426
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=34f39761-0016-448c-b60e-9f4dc4c42967
Request Chain 427
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=88876382-ac92-4300-a95b-e8bf0e6e3a9b&gdpr=0&gdpr_consent=
Request Chain 431
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y4Ksl8Co8X8AAGbqL1sAAAAA
Request Chain 433
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y4KslD7BCQcDcBfYYZ6kdgAA%264731
Request Chain 435
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 438
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=3448623052748763557&gdpr=0&gdpr_consent=
Request Chain 467
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 471
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:88876382-ac92-4300-a95b-e8bf0e6e3a9b&gdpr=0&gdpr_consent=
Request Chain 475
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GQlY1k5ZWdYCDVjRTF5N3BwLAYUCCQHUHVmkp0jD
Request Chain 477
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zrOafNwXQ362k_3XNO-0UQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 479
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=88876382-ac92-4300-a95b-e8bf0e6e3a9b
Request Chain 480
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0VCMzlBN0MtREMxNy00MzdFLUI2OTMtRkRENzM0RUZCNDUx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 481
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOC_1KasA4YtMjH9yuTD1Vs&google_cver=1
Request Chain 482
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DE657C3EC0754347B9A8AB4FAA85442D
Request Chain 484
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=34f39761-0016-448c-b60e-9f4dc4c42967&gdpr=0&gdpr_consent=

492 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
www.bg3.co/a/
49 KB
14 KB
Document
General
Full URL
https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4d11eb681e969f43f6f4eaf183f1525a0d7a27c6c8864527e8168439a538b3a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 27 Nov 2022 00:17:11 GMT
ETag
"c5b9-6AzbDW1injUht5RUbO9UTw8Syss"
Expires
Sun, 27 Nov 2022 01:17:11 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/
276 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 27 Nov 2022 00:17:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72561
x-xss-protection
0
server
sffe
etag
"8982a451fc00c1b3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 27 Nov 2022 00:17:13 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 27 Nov 2022 00:17:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9664
x-xss-protection
0
server
sffe
etag
"6079829c87823654"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 27 Nov 2022 00:17:13 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/
24 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 27 Nov 2022 00:17:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7578
x-xss-protection
0
server
sffe
etag
"1ef491f2ce412f6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 27 Nov 2022 00:17:13 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/
109 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 27 Nov 2022 00:17:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31953
x-xss-protection
0
server
sffe
etag
"eddf6e9f984d26cc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 27 Nov 2022 00:17:13 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
44 KB
44 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3902
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44566
last-modified
Wed, 16 Nov 2022 08:39:32 GMT
server
cloudflare
etag
"6374a1c4-ae16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7cLGtFIrOdmsV%2BxMqEY%2B3DKo%2FH0hIW7%2FgwlvPow3Az2gwN7Ie3IMPPLcgbFnMvHdezmLhR5%2FG65H2gW7BpBMVddFog%2FWKO%2BADLohE39wXvqOymCXwRSrobOr3liBfbmiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7706adfcd884aae1-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/
34 KB
9 KB
Script
General
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 27 Nov 2022 00:17:13 GMT
content-encoding
br
last-modified
Sat, 26 Nov 2022 08:00:19 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
NZ
content-length
9035
expires
Sun, 27 Nov 2022 01:17:13 GMT
adpushup.js
cdn.adpushup.com/42753/
518 KB
112 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 27 Nov 2022 00:17:13 GMT
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:46:28 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=4
x-cf-geodata
NZ
content-length
114452
expires
Sun, 27 Nov 2022 01:17:13 GMT
jquery-2.2.2.min.js
code.jquery.com/
84 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:14 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJr1ipwGEogBCiQyMmFiNjhkYy05YWJkLTQ0ODQtODk2ZC1iMDRiMDcxYTM2OWEQ6JCNkN3O+gIaBgiK2YqcBiINMTE2LjkwLjc0LjIwOCi4xgMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGUyODk4Y2YxLWM4NzQtNGE4Ni1iYmZmLWFlMjA3YTU5M2Q0ZRi46QE=.h6uU28QGN2wNXOX9ZlOvPa41VAHQOsWbUh03wnkeMPY=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1669508234.dop002.la3.t,1669508234.cds261.la3.hn,1669508234.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
4ae49a3274d96fc29249301ca822a7d7.jpg
static.bg3.co/imgs/202105/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202105/4ae49a3274d96fc29249301ca822a7d7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

38d24fa49742f9f63dad7d33423af14e.jpg
static.bg3.co/imgs/202106/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202106/38d24fa49742f9f63dad7d33423af14e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

0bcae59c9fd60dc88441662a58fe61f1.jpg
static.bg3.co/imgs/202105/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202105/0bcae59c9fd60dc88441662a58fe61f1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bbda8973649c419d73079c70c85b43a5.jpg
static.bg3.co/imgs/202106/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202106/bbda8973649c419d73079c70c85b43a5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

8ad3c0aca38107a705b775efffaed127.jpg
static.bg3.co/imgs/202106/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202106/8ad3c0aca38107a705b775efffaed127.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

660841c65e3a8772b4ce1e04bf94ba79.jpg
static.bg3.co/imgs/202107/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202107/660841c65e3a8772b4ce1e04bf94ba79.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

9032aba83628dc12d7b2207a1579e457.jpg
static.bg3.co/imgs/202106/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202106/9032aba83628dc12d7b2207a1579e457.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

91760bcd6c35f8d9c3583d6d442ce477.jpg
static.bg3.co/imgs/202105/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202105/91760bcd6c35f8d9c3583d6d442ce477.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cbd9b9d22adb936da1922d3ddbe1d1e8.jpg
static.bg3.co/imgs/202106/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202106/cbd9b9d22adb936da1922d3ddbe1d1e8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

e9fbe45c321520237409cf4ae6b9adb5.jpg
static.bg3.co/imgs/202105/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202105/e9fbe45c321520237409cf4ae6b9adb5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cdc5473c5bbd0449514ee8318b14a9cb.jpg
static.bg3.co/imgs/202106/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202106/cdc5473c5bbd0449514ee8318b14a9cb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

f7649ea832bac450354b23eebe1ae593.jpg
static.bg3.co/imgs/202105/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202105/f7649ea832bac450354b23eebe1ae593.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cfe7b5135a71a79a1d0b4c56b3de2869.jpg
static.bg3.co/imgs/202203/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202203/cfe7b5135a71a79a1d0b4c56b3de2869.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

1c59e8a284809d07c0e004b15eaba716.jpg
static.bg3.co/imgs/202105/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202105/1c59e8a284809d07c0e004b15eaba716.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

458e8f40a6f7b26c3fa7952fc4c52e03.jpg
static.bg3.co/imgs/202106/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202106/458e8f40a6f7b26c3fa7952fc4c52e03.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

00b6b235bb93fa8ecae1cd680033b30c.jpg
static.bg3.co/imgs/202105/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202105/00b6b235bb93fa8ecae1cd680033b30c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

e46dd73f96081cc3490a7331911bcfae.jpg
static.bg3.co/imgs/202106/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202106/e46dd73f96081cc3490a7331911bcfae.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

a04b12c73444816fc82211466d2e2b19.jpg
static.bg3.co/imgs/202106/
0
0
Image
General
Full URL
https://static.bg3.co/imgs/202106/a04b12c73444816fc82211466d2e2b19.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 20:06:17 GMT
age
360659
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2991
x-xss-protection
0
server
sffe
etag
"413d5b5eb26df1c9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 20:06:17 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/
81 KB
23 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 24 Nov 2022 00:15:08 GMT
age
259328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23066
x-xss-protection
0
server
sffe
etag
"1b79e24071ca714c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 24 Nov 2023 00:15:08 GMT
ama
pagead2.googlesyndication.com/getconfig/
3 KB
905 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
c7960fa01b219284ff1f6ced310ad6aab5fcedb8b9cb470238d23b1f535ecbb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
464
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 20:06:01 GMT
age
360675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3936
x-xss-protection
0
server
sffe
etag
"2e876f41249f1a45"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 20:06:01 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/
975 B
644 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5004
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVW1n%2BU9xhOjQhbIBgUdwhCF62w8DdZrhhj%2B9u4dC0fZiRNpEoQj5l6i0v5rXlqOWUDoNZIP8VZBD317CtcRV73cymbDOd%2FFyuokiTehDw%2BHxE4FvgjrHH%2F1r%2FDBHwJk1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7706adff1b41aae1-SYD
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
64130342828152e777b39517eb0e90586f5ff14d092ee86658f2f09e524c7053

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:14 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
64130342828152e777b39517eb0e90586f5ff14d092ee86658f2f09e524c7053

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:14 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/
508 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.46414123173488653&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:14 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/
508 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.6375838797767093&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:14 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:16 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJz1ipwGEogBCiRiYTFiZTkyMS1mOTc4LTQ0ZmQtOGQyZS02NDllZWIyNjk4ZDkQ6JCNkN3O+gIaBgiM2YqcBiINMTE2LjkwLjc0LjIwOCi4xgMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDc0ZTk4NDIxLWZhYWYtNDg4Zi04MmFlLWY4ZmRjZGU0YmFkYhib8QE=.IQslI+WqTu0rHRwlAFTHTyFQ8h0dMiOdL7rqvO2oVYQ=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1669508236.dop002.la3.t,1669508236.cds261.la3.hn,1669508236.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 58A3
99 KB
34 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
8a7fd9cf272483c91d91595ab284f310c610d42e61c41c740004ed4df0fd4912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34259
x-xss-protection
0
server
cafe
etag
6832663631163911588
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 00:17:15 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A67A
99 KB
34 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
70e2ff3ace36724ab2fa34bf8cec5e9a3ff126c6a69ce9837138f66250449421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34222
x-xss-protection
0
server
cafe
etag
5576922559291022192
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 00:17:15 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211042305000/v0/
40 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 25 Nov 2022 03:24:50 GMT
age
161546
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10255
x-xss-protection
0
server
sffe
etag
"4d52d329cbd34968"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Nov 2023 03:24:50 GMT
block.jpg
delivery.adrecover.com/
631 B
915 B
Image
General
Full URL
https://delivery.adrecover.com/block.jpg?ts=1669508234929
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 27 Nov 2022 00:17:16 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Sun, 27 Nov 2022 01:17:16 GMT
gtag.json
cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/
2 KB
931 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 20:10:34 GMT
age
360401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"f8777e0f4a2af1a5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 20:10:34 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 0F46
714 B
799 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3587
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7706ae05cb3adfbd-SYD
content-encoding
br
content-type
text/html
date
Sun, 27 Nov 2022 00:17:15 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BRTf9gkpEo1m7A70%2BXPcDSkqVkjSr0aHLjfcKR4c0r%2FRyALFwzN1JNIZM8AriWygOrm6oCbJ6aBxFHBIU%2FWw3MRwoVkTYpqM9GdUv4h%2Fj3n7PgyMijp6esHdF45i8Ayvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:16 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 485D
714 B
759 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3587
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7706ae05eb4fdfbd-SYD
content-encoding
br
content-type
text/html
date
Sun, 27 Nov 2022 00:17:15 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KN3X8XtDxHkiGgCAQlbVpW8fZ7oiRolg4OB17LGwwokB4h5g1ziDm7KQAg3%2BAJem79uYXVGIEq1OyU2MFydQaoJER9Tb0PmtaFM1btO4bMFonuZq%2BFGoq0iQp%2FnpNpXKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0F46
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1404 / 601 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 27 Nov 2022 00:17:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 485D
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1404 / 369 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 27 Nov 2022 00:17:15 GMT
amp
www.googletagmanager.com/gtag/
610 B
808 B
Fetch
General
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sun, 27 Nov 2022 00:17:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ Frame A67A
354 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
98a88b0e0a1d558186eb2bd505b0c2b09bcaa1e0772402f306e6866fb6c127f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119216
x-xss-protection
0
server
cafe
etag
7194174589220020141
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 00:17:17 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 58A3
355 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
23fcb68994f7fd49b61fa0303100574f24a81f611958b7852f60ba8938503df6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119608
x-xss-protection
0
server
cafe
etag
11192224504657061087
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 00:17:17 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 0F46
381 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 12:10:15 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 485D
381 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 12:10:15 GMT
collect
www.google-analytics.com/r/
35 B
396 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=F-16%E6%B8%85%E6%99%A8%E6%8E%9B%E5%BD%88%E5%9F%B7%E8%A1%8C%E6%88%B0%E5%82%99%E8%BD%89%E5%A0%B4%E3%80%80C-130%E8%BC%89%E9%80%81%E5%BE%8C%E5%8B%A4%E4%BA%BA%E5%8A%9B%E3%80%81%E8%A3%9D%E5%82%99%E4%BB%BB%E5%8B%99%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-EK-O7O0gkQfSw33_3wB6fw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.4794131495772618&gjid=0.7573974145749371&_r=1&a=288&z=0.6557269229160192&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/
214 KB
57 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 20:11:15 GMT
age
360361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57837
x-xss-protection
0
server
sffe
etag
"23f3142da2c5be06"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 20:11:15 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/
342 KB
92 KB
Script
General
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
94168
expires
Mon, 27 Nov 2023 00:17:18 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/
450 B
505 B
Script
General
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
211
expires
Mon, 27 Nov 2023 00:17:18 GMT
linkPreview.js
cdn.adpushup.com/42753/
72 KB
17 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
17440
expires
Sun, 27 Nov 2022 01:17:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1404 / 582 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 27 Nov 2022 00:17:17 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
538 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:17 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2Njk1MDgyMzY5NjMsInBhY2tldElkIjoiMDAwMEE3MDEtYWM1YzFjMGEtYWViYy00ZDUxLTg1N2UtZDQxNDQ2NzgxN2RmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2YtMTZxaW5nLWNoZW4tZ3VhLWRhbi16aGkteGluZy16aGFuLWJlaS16aHVhbi1jaGFuZy1jLTEzMHphaS1zb25nLWhvdS1xaW4tcmVuLWxpLXpodWFuZy1iZWktcmVuLXd1Lmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=6004.900000572205
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:18 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2Njk1MDgyMzY5NjMsInBhY2tldElkIjoiMDAwMEE3MDEtYWM1YzFjMGEtYWViYy00ZDUxLTg1N2UtZDQxNDQ2NzgxN2RmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2YtMTZxaW5nLWNoZW4tZ3VhLWRhbi16aGkteGluZy16aGFuLWJlaS16aHVhbi1jaGFuZy1jLTEzMHphaS1zb25nLWhvdS1xaW4tcmVuLWxpLXpodWFuZy1iZWktcmVuLXd1Lmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=6005.60000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:18 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njk1MDgyMzY5NjMsInBhY2tldElkIjoiMDAwMEE3MDEtYWM1YzFjMGEtYWViYy00ZDUxLTg1N2UtZDQxNDQ2NzgxN2RmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2YtMTZxaW5nLWNoZW4tZ3VhLWRhbi16aGkteGluZy16aGFuLWJlaS16aHVhbi1jaGFuZy1jLTEzMHphaS1zb25nLWhvdS1xaW4tcmVuLWxpLXpodWFuZy1iZWktcmVuLXd1Lmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dfQ%3D%3D&c_b=6005.900000572205
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:18 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/
8 KB
9 KB
Image
General
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
1612
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Sun, 27 Nov 2022 04:17:18 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njk1MDgyMzY5NjksInBhY2tldElkIjoiMDAwMEE3MDEtYWM1YzFjMGEtYWViYy00ZDUxLTg1N2UtZDQxNDQ2NzgxN2RmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2YtMTZxaW5nLWNoZW4tZ3VhLWRhbi16aGkteGluZy16aGFuLWJlaS16aHVhbi1jaGFuZy1jLTEzMHphaS1zb25nLWhvdS1xaW4tcmVuLWxpLXpodWFuZy1iZWktcmVuLXd1Lmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=6011.900000572205
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:18 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njk1MDgyMzY5NzMsInBhY2tldElkIjoiMDAwMEE3MDEtYWM1YzFjMGEtYWViYy00ZDUxLTg1N2UtZDQxNDQ2NzgxN2RmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2YtMTZxaW5nLWNoZW4tZ3VhLWRhbi16aGkteGluZy16aGFuLWJlaS16aHVhbi1jaGFuZy1jLTEzMHphaS1zb25nLWhvdS1xaW4tcmVuLWxpLXpodWFuZy1iZWktcmVuLXd1Lmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfMTIwWDYwMF8xMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=6015
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:18 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.json
adservice.google.com/adsid/
86 B
219 B
Fetch
General
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-1838737222392901985.ampproject.net/2211042305000/
0
0
Other
General
Full URL
https://d-1838737222392901985.ampproject.net/2211042305000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/
381 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389223
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 12:10:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
109 B
97 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Sun, 27 Nov 2022 00:17:18 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 0F46
107 B
165 B
Script
General
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0F46
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0F46
492 B
263 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1703428166661079&correlator=3337550759244946&eid=31061690&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1669508237425&lmt=1644386353&dlt=1669508235253&idt=2151&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=jd5e8al1ys1b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=95418914.1669508237&ga_sid=1669508237&ga_hid=2036541407&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
abec67ea8b6c38c5634d47a12cd8066e7f3348b3500b35ea64ce3db62a1b4af3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5fb543f625ea1e3be246c7c2fc8e6709.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B337
6 KB
3 KB
Document
General
Full URL
https://5fb543f625ea1e3be246c7c2fc8e6709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:18 GMT
expires
Mon, 27 Nov 2023 00:17:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame A67A
379 B
453 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
36dc398a24c1bf6644f0e227dec5ce7d8c603d482067d064d22ac122180f3763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame A67A
107 B
165 B
Script
General
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A67A
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E638
28 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669508237&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508235944&bpp=13&bdt=1919&idt=1637&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=4799427792427&frm=23&ife=1&pv=2&ga_vid=1852690037.1669508238&ga_sid=1669508238&ga_hid=2099637927&ga_fc=0&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1034371593&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44773614%2C31070924&oid=2&pvsid=1713591695959193&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4qyhgm4asang&fsb=1&dtd=1655
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
5f84d2d09062f08518f2569792044af25d9789e431c3d82ea377b33da878986b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10728
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:18 GMT
expires
Sun, 27 Nov 2022 00:17:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 485D
107 B
165 B
Script
General
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 485D
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 485D
492 B
265 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4330118342677897&correlator=750504799855730&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1669508237633&lmt=1644386353&dlt=1669508235261&idt=2362&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=cku3f47spzwj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=159231045.1669508238&ga_sid=1669508238&ga_hid=1092871974&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
7d4757b1d039f59e7de6cfa1ea3d9a927aec499132d575a3f82f8ee7dbc65ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
305ead8bb9e1fc2af0134cdb4ec9593a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6FFE
6 KB
3 KB
Document
General
Full URL
https://305ead8bb9e1fc2af0134cdb4ec9593a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:18 GMT
expires
Mon, 27 Nov 2023 00:17:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 58A3
379 B
317 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
4d1383b53cf79d4cdc7cb8e0426a905ca944fbeee3116433b6a6de87f4b70110
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 58A3
107 B
792 B
Script
General
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 58A3
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
adx.holmesmind.com/adx-file/20221117/ Frame 4B4C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1669508237&url=...
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
673 B
1 KB
Document
General
Full URL
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-85.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
831
content-length
673
content-type
text/html
date
Sun, 27 Nov 2022 00:03:47 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Thu, 17 Nov 2022 07:10:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 92ebddd34a5dacfb924391ae6946602a.cloudfront.net (CloudFront)
x-amz-cf-id
4Nk2yTJko6f-E3jUJDWOAJYxvkJ_0ClKH_-Yq6ndSSNzhuq0qmDZxw==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
b3LGmBAhby0rF5s3WuXdhl5wmvGClwHA
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:18 GMT
location
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 703F
603 B
338 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-17292836151146314371&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3093&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=703336000288&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw&ga_hid=288&dt=1669508237358&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&bdt=4961&dtd=706&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:18 GMT
expires
Sun, 27 Nov 2022 00:17:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0F46
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
8587f6427faffbd6a2d4161eb3f15c94884f73bf27195a418089afe917f55a85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12377
x-xss-protection
0
quant.js
secure.quantserve.com/
25 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
gzip
etag
"nAbmxtqHqaYrwBiADJAeFg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 04 Dec 2022 00:17:19 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 485D
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
53f9f9582b5ca6a0ec45cd44bd033e2eac6d512569b42276e251d541d2141f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12541
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame C18E
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5o8RjqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEmwJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx6PDzcPHn4lv9W0PPBYqitjKm25UMDnKV9WQxlFJA2U9WFmXQa5KgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=PgDnjrhJjm4&uach_m=[UACH]&cid=CAQSGwDq26N9RYgAb91iYfOe9wBYyeV3a5fAfKV57xgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669508237&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508235944&bpp=13&bdt=1919&idt=1637&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=4799427792427&frm=23&ife=1&pv=2&ga_vid=1852690037.1669508238&ga_sid=1669508238&ga_hid=2099637927&ga_fc=0&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1034371593&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44773614%2C31070924&oid=2&pvsid=1713591695959193&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4qyhgm4asang&fsb=1&dtd=1655
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 27 Nov 2022 00:17:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame C18E
0
0
Fetch
General
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k6rEFPz1BqwC-gFi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQjqyCYwuJqQYE8RLyjXBLABIAAA&wp=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
176124
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 42B3
37 KB
15 KB
Document
General
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669508237&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508235944&bpp=13&bdt=1919&idt=1637&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=4799427792427&frm=23&ife=1&pv=2&ga_vid=1852690037.1669508238&ga_sid=1669508238&ga_hid=2099637927&ga_fc=0&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1034371593&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44773614%2C31070924&oid=2&pvsid=1713591695959193&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4qyhgm4asang&fsb=1&dtd=1655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
000a5eac81aaf2bfa4112990ccfe9afb0560c653da623a2016f5a928bb1032eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:18 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=4FOiXLhV71u6x5MI02DC5FHsiZ7LXMzMfW2h9wcboO_-uFkgZWGgNWS9eLyX418S95Z_ANOK2dOoKRtKNeCNwIqC_ArOImSiHf-G1VTp10zUbuO4Z-_jR2w_6KbrsNb6SjynHvogFNlxE5qJXvC6g0ydYvW-yX9h12vKIHu7HA73YQ4fGXZBiUeo5Rvpx2gEuJ-XLLmfRH_8BCJHtBJd7JMkh2P2p5RSPC51IbthPTOEjK7N-GB2E7o0mST4zj9NqC4lIg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3267675
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C18E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669508237&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508235944&bpp=13&bdt=1919&idt=1637&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=4799427792427&frm=23&ife=1&pv=2&ga_vid=1852690037.1669508238&ga_sid=1669508238&ga_hid=2099637927&ga_fc=0&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1034371593&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44773614%2C31070924&oid=2&pvsid=1713591695959193&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4qyhgm4asang&fsb=1&dtd=1655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 15:03:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
33205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 15:03:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C18E
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669508237&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508235944&bpp=13&bdt=1919&idt=1637&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=4799427792427&frm=23&ife=1&pv=2&ga_vid=1852690037.1669508238&ga_sid=1669508238&ga_hid=2099637927&ga_fc=0&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1034371593&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44773614%2C31070924&oid=2&pvsid=1713591695959193&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4qyhgm4asang&fsb=1&dtd=1655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
28567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 16:21:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C18E
154 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669508237&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508235944&bpp=13&bdt=1919&idt=1637&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=4799427792427&frm=23&ife=1&pv=2&ga_vid=1852690037.1669508238&ga_sid=1669508238&ga_hid=2099637927&ga_fc=0&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1034371593&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44773614%2C31070924&oid=2&pvsid=1713591695959193&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4qyhgm4asang&fsb=1&dtd=1655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 00:17:18 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221127
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
124ba282fba9be018e2677e71d05d9cc739653b55a7e24d0f5d91b07d1bdce7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
33380
x-jsd-version
1.0.1536
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4578-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-vxZzeLxydzMK1Wbo6Dqx5U/wGK8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKvTYEWEU9vxtXY8kqA%2BlxhCanVo%2FPV%2BvNpPliPjhdfLVH5cAiOwFMtVbSPk7Wq%2Ftyk%2By6yEGZ0j%2BNx81BrK9VsuJXXkTxulpmt%2F%2F8IXmxVmHAf%2FOZrHebwPEjHmWM9W6Po%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7706ae1e4b2c55b1-SYD
prebid
ib.adnxs.com/ut/v3/
369 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4f0de4d7a3059d2d724fedfff3f252fe6c7a8181871544a7966822e2bb0f615f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:19 GMT
AN-X-Request-Uuid
22ab5ea5-6563-4ffc-812a-d6f82be4f4f5
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
369
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/
23 B
360 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f1280d7300e9d4f9ceac67f4170998605c770d5397330e1e62c04084966057bd

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 27 Nov 2022 00:17:19 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
407 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.16.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-16-50.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
46b94dd9e89612315570c32ceef8d758a13f6d3731afa8f43a90a0db6999c2ff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
406 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.16.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-16-50.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e68ea196c6d7b69c48c5731a36abe964bc8074d22513fc4ed1375546cde0491b

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
472 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=a87433c9-c928-4618-83d3-305242b09116%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=6544039b-34dc-49f4-902c-1b13eb0c2e41%3B43ec3c9a-ef68-4409-b531-9f13e247b333%3B4f7126ab-e36a-49e1-83be-6b4968303fd0&l_pb_bid_id=1029cef82df61da%3B11cb87fac5e4d17%3B124f2dd55ac94d4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.9689567705141264
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cf9047ac8bdf9df4651b1f49d559f272517aae0ce96f3517e85adb240154cc2a

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/
717 B
672 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=3291
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
0
167 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sun, 27 Nov 2022 00:17:18 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
arj
adpushup-d.openx.net/w/1.0/
173 B
385 B
XHR
General
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a44a57c2-f724-4783-95e2-d1e46060be1f%2Cd20be26a-70d9-4bbe-bb18-ea8202ef13c8%2C201673ec-0ac6-47fd-8af4-352aebf63edd&nocache=1669508238752&pubcid=a87433c9-c928-4618-83d3-305242b09116&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
41917208086f4738ff77c9613c3e1b58ba1d5f8a93e55c27d0084fbe5c2f2d08

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
297 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=45338cf7-49c2-4a99-9676-73ff9579b34e&nocache=1669508238752&pubcid=a87433c9-c928-4618-83d3-305242b09116&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:19 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
505 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d8685317-87cc-4366-8204-42cf0e07cb24&nocache=1669508238752&pubcid=a87433c9-c928-4618-83d3-305242b09116&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:19 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/
106 B
297 B
XHR
General
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ced0b818-9810-44c8-aa8f-40ebd4474e92&nocache=1669508238752&pubcid=a87433c9-c928-4618-83d3-305242b09116&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:19 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/
0
212 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=52276196388
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 27 Nov 2022 00:17:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f737e6651d248592da0d73f4c4f6b68a5a10dc75bd006a58d5500a95ce90e977

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
159
alt-svc
clear
expires
Sun, 27 Nov 2022 00:17:19 GMT
auction
tlx.3lift.com/header/
19 B
504 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.248.223 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-248-223.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:19 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/
3 B
518 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.16.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-16-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
15
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid-request
onetag-sys.com/
15 B
358 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cygnus
htlb.casalemedia.com/
7 KB
4 KB
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2258f862219ac1294%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2265f866de0a25869%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2268870b8f0ed0494%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%226953fed7f7e67a5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a87433c9-c928-4618-83d3-305242b09116%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee0d4fbd2f57ab77dba75aa60696a37b1c0b193ef7ae8a7d659da998517d2d05

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ej4iN2thnO9gGK%2BaLF2MO%2F9cPMpKV0%2FdmxEtIEdrR7m39xtChA9NwTUEeyoFgcB8TBzA3JDQH4UYKpaHckvgvTPswGdRi2tfL6gMPW%2B4HKo3wonqAmS0xl7iZ6jZNioYrRadKgfA"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7706ae1e9d5ca898-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
cygnus
htlb.casalemedia.com/
37 B
567 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2258f862219ac1294%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2268870b8f0ed0494%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%226953fed7f7e67a5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a87433c9-c928-4618-83d3-305242b09116%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d04605cc71056294a313aa468b474bb46e57031f3647cd9b8c629904eb84ad

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83SzdVa7zdM4Vhi4lGEG7CW8SDDgRZPGod%2B%2BWPQZJY09W0Hj15BUZHAnTQ0S45bfOwamFe2%2BJPuPz2GGpGvErX8bKOv8De6%2B%2BP3fnRrZse4jXuiBQlrG15lWXQDgmsDCiN%2BIrCRg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7706ae1e9d61a898-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid-request
a.teads.tv/hb/
16 B
502 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.119.72 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-119-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 27 Nov 2022 00:17:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0F46
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 00:17:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 485D
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 00:17:19 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/
160 B
634 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 23:27:36 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2987
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
koybzFduV0kQibFZGHfUOKTQUTHgAR6SA75cwhexqDOPFzusEwIjWw==
privacy_small.svg
static.criteo.net/flash/icon/ Frame 42B3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Nov 2023 00:17:19 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 42B3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Nov 2023 00:17:19 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 42B3
308 B
637 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 22 Nov 2023 00:17:19 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 42B3
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 22 Nov 2023 00:17:19 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 42B3
43 B
348 B
Image
General
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=v3a_KJA-zNi4AqeVUC89WNVQeKwxq1X6sR0-nUI4vlxwhIMomdeWOJmtMUwLRuI70fVCFZT00Jfu_pcDRD_NHKYiEf5ecAuflaOktljDeIVBN-occulXsHKZv2kharx4fN3GHTneBQunWFBKnNrQ1WfKM2O49zgootR7AO5DIaf2nfvZ7pfVFAo7r-cqW4HfME1mp2mFcDeCBX9ZvSCoURTb6titxW5D-AfgtK4RX3K-72FQwqVsJ8CL6NETuWD0RbwJ7mgYThWzjuVTOJL72nHZVLQn3hEJjBW73sMFdLHyIdUMLS4IWc2-98J2bLIi0aq3_0SgOluRESRYWwAAts3_yjQ-I-DnrxzGAadaTepTj4rnPwIFGJVHQt7Egx3a0wpRjJWgVmjvMzz0l2VFakekc1syLfAQy3Wsfd-4Xyz760wwOk8wDg5Mu_L52QBbkqSJiQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3667793
expires
Mon, 26 Jul 1997 05:00:00 GMT
visit.jpg
tps.doubleverify.com/ Frame 42B3
0
157 B
Image
General
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=23716808&cmp=192271&sid=3129&plc=6795137&adsrv=29&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&gdpr=0&
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:21 GMT
Cache-Control
max-age=0
Connection
close
Expires
11/26/2022 00:17:21
index.html
static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/ Frame 5CEA
63 KB
20 KB
Document
General
Full URL
https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:19 GMT
etag
W/"632bf2eb-fd81"
expires
Wed, 22 Nov 2023 00:17:19 GMT
last-modified
Thu, 22 Sep 2022 05:30:19 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 4B4C
99 KB
33 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e38faebb5a6d42d74b0d294dd2b03c18f010247843533812c25b47e9d2850dc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34251
x-xss-protection
0
server
cafe
etag
13444292989094522988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 00:17:19 GMT
truncated
/ Frame C18E
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d26a25fc3875ba53fe0f85cf3faca91d18dd52400e3899ec923edbe43813cee7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0323
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
120254
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 14:53:05 GMT
expires
Sat, 25 Nov 2023 14:53:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EB57
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
GSE /
Resource Hash
78c2d8202152efb8c7743216173b5549deac5992fc6056aa45ef4e45faf0b3d2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pSpka7XUEU7qIdCd9d50qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-pSpka7XUEU7qIdCd9d50qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:20 GMT
expires
Sun, 27 Nov 2022 00:17:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
all
csm.as.criteo.net/ Frame 42B3
0
128 B
Ping
General
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=4FOiXLhV71u6x5MI02DC5FHsiZ7LXMzMfW2h9wcboO_-uFkgZWGgNWS9eLyX418S95Z_ANOK2dOoKRtKNeCNwIqC_ArOImSiHf-G1VTp10zUbuO4Z-_jR2w_6KbrsNb6SjynHvogFNlxE5qJXvC6g0ydYvW-yX9h12vKIHu7HA73YQ4fGXZBiUeo5Rvpx2gEuJ-XLLmfRH_8BCJHtBJd7JMkh2P2p5RSPC51IbthPTOEjK7N-GB2E7o0mST4zj9NqC4lIg&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 27 Nov 2022 00:17:20 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 42B3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Nov 2023 00:17:20 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 42B3
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Nov 2023 00:17:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F13A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
120255
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 14:53:05 GMT
expires
Sat, 25 Nov 2023 14:53:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C9A8
783 B
743 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
GSE /
Resource Hash
65f826077a6a7f5d1d03e8ca4f276f18278462563843284ebde89df409802e40
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gU1YhMgQGQxH4MbU3HgKyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-gU1YhMgQGQxH4MbU3HgKyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:20 GMT
expires
Sun, 27 Nov 2022 00:17:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
log
aplogger.adpushup.com/
0
119 B
Ping
General
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI2NzY2MDRfMTY2OTUwODIzOTc3NCIsInVzZXJJZCI6IjMwNTc0N18xNjY5NTA4MjM5Nzc0Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNjU2NjQwXzE2Njk1MDgyMzk3NzQiLCJwYWdlUGF0aCI6IiUyRmElMkZmLTE2cWluZy1jaGVuLWd1YS1kYW4temhpLXhpbmctemhhbi1iZWktemh1YW4tY2hhbmctYy0xMzB6YWktc29uZy1ob3UtcWluLXJlbi1saS16aHVhbmctYmVpLXJlbi13dS5odG1sIiwiaG9zdG5hbWUiOiJ3d3cuYmczLmNvIiwidXJsIjoiaHR0cHMlM0ElMkYlMkZ3d3cuYmczLmNvJTJGYSUyRmYtMTZxaW5nLWNoZW4tZ3VhLWRhbi16aGkteGluZy16aGFuLWJlaS16aHVhbi1jaGFuZy1jLTEzMHphaS1zb25nLWhvdS1xaW4tcmVuLWxpLXpodWFuZy1iZWktcmVuLXd1Lmh0bWwiLCJwaGFzZSI6MCwidXNlclR5cGUiOiJORVciLCJwcmV2aWV3VmFyaWF0aW9uIjoiZGVzY3JpcHRpb25QYWdlIiwiZXhwZXJpbWVudFBhZ2UiOnRydWUsInRpbWVzdGFtcCI6MTY2OTUwODIzOTc3NH0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 27 Nov 2022 00:17:22 GMT
Server
nginx/1.18.0 (Ubuntu)
L2EvZi0xNnFpbmctY2hlbi1ndWEtZGFuLXpoaS14aW5nLXpoYW4tYmVpLXpodWFuLWNoYW5nLWMtMTMwemFpLXNvbmctaG91LXFpbi1yZW4tbGktemh1YW5nLWJlaS1yZW4td3UuaHRtbA==.json
cdn.adpushup.com/42753/
555 B
819 B
XHR
General
Full URL
https://cdn.adpushup.com/42753/L2EvZi0xNnFpbmctY2hlbi1ndWEtZGFuLXpoaS14aW5nLXpoYW4tYmVpLXpodWFuLWNoYW5nLWMtMTMwemFpLXNvbmctaG91LXFpbi1yZW4tbGktemh1YW5nLWJlaS1yZW4td3UuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 27 Nov 2022 00:17:20 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=103, origin; dur=211
content-length
555
expires
Sun, 27 Nov 2022 01:17:20 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 4B4C
355 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
b4759bb4f7feb87cdfa4b36b4fe2754a54224629226f76df1287a5873c1176af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119603
x-xss-protection
0
server
cafe
etag
18041840905878368703
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 00:17:19 GMT
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 0323
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 23:01:25 GMT
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame F13A
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 23:01:25 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame 5CEA
136 KB
46 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 27 Nov 2022 00:20:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EB57
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=4330118342677897&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame C9A8
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1703428166661079&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

js
www.googletagmanager.com/gtag/
223 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6f3b79cc8cc613dbc5936b1aa69fd15ee78237f6d595734c70cbcc95568319d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78325
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Nov 2022 00:17:21 GMT
log
aplogger.adpushup.com/
0
119 B
Ping
General
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9mLTE2cWluZy1jaGVuLWd1YS1kYW4temhpLXhpbmctemhhbi1iZWktemh1YW4tY2hhbmctYy0xMzB6YWktc29uZy1ob3UtcWluLXJlbi1saS16aHVhbmctYmVpLXJlbi13dS5odG1sIiwidGltZSI6MTY2OTUwODI0MDQyOH0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 27 Nov 2022 00:17:22 GMT
Server
nginx/1.18.0 (Ubuntu)
activeview
pagead2.googlesyndication.com/pcs/ Frame C18E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvY10yM4KX52qYka84Ddy5Jak4sD3MZtbaFeXKwElScREHNJsyFo3qHtBrma3QMbgwyvqHPjCOLcqU5eS0ngV2yviGl&sig=Cg0ArKJSzORKqTKxeyoZEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669508238585&rpt=908&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 42B3
0
127 B
Ping
General
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=4FOiXLhV71u6x5MI02DC5FHsiZ7LXMzMfW2h9wcboO_-uFkgZWGgNWS9eLyX418S95Z_ANOK2dOoKRtKNeCNwIqC_ArOImSiHf-G1VTp10zUbuO4Z-_jR2w_6KbrsNb6SjynHvogFNlxE5qJXvC6g0ydYvW-yX9h12vKIHu7HA73YQ4fGXZBiUeo5Rvpx2gEuJ-XLLmfRH_8BCJHtBJd7JMkh2P2p5RSPC51IbthPTOEjK7N-GB2E7o0mST4zj9NqC4lIg&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 27 Nov 2022 00:17:20 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0323
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?g_spow
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.co.nz/adsid/ Frame 4B4C
107 B
165 B
Script
General
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4B4C
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 522F
30 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
2f79aaf6e437b1dbcaaeb4e3328146776eeff98d9f56aea0ce2eb3e27d9e8956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12240
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame F13A
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?0aA-bA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame DC78
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CewyikKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS3AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axsJhDxOMxOxavRuIk6ny2zku7T_Mik64_KrsDLyG4j6YsbVQBVn0YAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=EriqVTteMws&uach_m=[UACH]&cid=CAQSKQDq26N9z6vo7O-9wEju2GKz1z_Wh8PGh8fDHaHn4iCntsFfF_s4-Zy6GAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 27 Nov 2022 00:17:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame DC78
0
0
Fetch
General
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k6rEFPz1BqwC-gFi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQj6yCY9w8rlKKJUZg8912ABIAAA&wp=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
120327
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 5982
40 KB
16 KB
Document
General
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0f46fc2ccc591120e2ff17f9aee448007226a2903c14298c1137f88e825c9fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:20 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=k6sxBrhV71u6x5MI2cK--ZHGO5e5Tp9sR4-zWx11y2KezKWtdyB3mJRLeo1_3NCfPhhMkLk9g2TkQjt4fXjWqjyONHk7TNWhILokmkMKiUdovuvV4JI4jDRewdLiEpk7-1vSIvazvDf9T7EmfYt5qKARNLr83a_1c70RspBy0HRwuwKdE7piUrapvK7dySNX8hVWH0yQeuntj1sFDpxkEzFGEOXGRNx9c6ktF8fIAtWd22_3FTiUG6e-hYpKPK9s-9ct02vG2jhXFFya"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4426757
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DC78
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 15:03:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
33207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 15:03:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8A81
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
71300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 04:29:01 GMT
etag
48472445140208031
expires
Sun, 27 Nov 2022 04:29:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DC78
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
28569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame DC78
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRD8Zd3p56EJqFMyMHKHM8it-S-RR9eOSz67e1Hei9TaSqMEtCENtJBNyzuat0nOn3Iy3hysmzQ4IyOI0zeKHhKBzGhUw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DC78
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 00:17:21 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5982
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Nov 2023 00:17:21 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5982
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Nov 2023 00:17:21 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5982
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 22 Nov 2023 00:17:21 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5982
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 22 Nov 2023 00:17:21 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 5982
43 B
347 B
Image
General
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=EE0pjpA-zNi4AqeVUC89WNVQeKzWeYsVKl7Bpw204PD5zBoAT4udDHi1GtjEL8QUBC7cYkE1sNqCx8eLjh9VZ7n6gnpEgYgEepWLkKjNv9knRMBRvibWXNuUvg_6cpGnf3JWRdqNxOxx60nmi-TWPZCDkU4oOYMomxZTbnLbnbN8y8iD1i1VwOcku7QEMe-yPfdcyjA8uGk14M0N6fpFrUagqPlEaXf7RdIeN5kIWKCKpWYD1D3_aL_8aFuovPz3zwhX_yjh-IPSW0Sh6vQUguw46tVDyGeBys_SNW2PvydF2XWd3BgEAyumXEVSGrlPwWM69Ko5EtUb1Z6ODkZqF6qQtxe_5xKjFyCUYtxOOru-IzW5yHsg9I5Qzk4fYDz3wnAo12U--RIV7DjmS74cw2UTpbQmVatrnih5gB_eM5Bnhh6GKf_yGE54N6_V7VqGJwh5WQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3058976
expires
Mon, 26 Jul 1997 05:00:00 GMT
visit.jpg
tps.doubleverify.com/ Frame 5982
0
157 B
Image
General
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=23716808&cmp=192271&sid=3129&plc=6795137&adsrv=29&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&gdpr=0&
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:21 GMT
Cache-Control
max-age=0
Connection
close
Expires
11/26/2022 00:17:21
index.html
static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/ Frame DEEF
63 KB
20 KB
Document
General
Full URL
https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:21 GMT
etag
W/"632bf2eb-fd81"
expires
Wed, 22 Nov 2023 00:17:21 GMT
last-modified
Thu, 22 Sep 2022 05:30:19 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel
cm.g.doubleclick.net/ Frame 8A81
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECtYGHc_6IHYsI20YiLFk60&google_cver=1&google_push=ASkJ3FaA0OlIJXU0KgbYp5PvVUUhxAClmmhyZ2U2-0Xmlp-Yn4M-bAGcEAXhMPzMesfvjVRpkeTOsakupg3HmCXQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaA0OlIJXU0KgbYp5PvVUUhxAClmmhyZ2U2-0Xmlp-Yn4M-bAGcEAXhMPzMesfvjVRpkeTOsakupg3HmCXQHP9YaZdubkBoo305W9aATi7DVrJ-pJ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaA0OlIJXU0KgbYp5PvVUUhxAClmmhyZ2U2-0Xmlp-Yn4M-bAGcEAXhMPzMesfvjVRpkeTOsakupg3HmCXQHP9YaZdubkBoo305W9aATi7DVrJ-pJgPAJgEhSuuLXgwEs9fUEVR2enKK41FdX75FLU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 27 Nov 2022 00:17:22 GMT
Server
MT3 169 32252b7 master hkg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaA0OlIJXU0KgbYp5PvVUUhxAClmmhyZ2U2-0Xmlp-Yn4M-bAGcEAXhMPzMesfvjVRpkeTOsakupg3HmCXQHP9YaZdubkBoo305W9aATi7DVrJ-pJgPAJgEhSuuLXgwEs9fUEVR2enKK41FdX75FLU
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 27 Nov 2022 00:17:21 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8A81
0
172 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEInWfTGwXEmipSHJKZ3gwV8&google_cver=1&google_push=ASkJ3FYlUfJ9SgKYNTro6tq_1OibjOZ-ejNtKcT4OcbpaFXy5YEsX6DTGr-_Ns7yLm6eJrkMqy_zbpTJsAcc-4S_nB9hIGXGuRa4yu5RXYONvCcZEs26X1L7sullvjbsnSn1GIcAEYspOJCFHZU86hSQYyM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 8A81
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1&google_push=ASkJ3FbIfZaNVrdMLOx6ElSp1_gy2p6cbigzeZRz64cpuz-0ELmxdu3b4d9JUEVV_uGxCOFmIM0opdJxZkeKkvqyt2ZX...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1&google_push=ASkJ3FbIfZaNVrdMLOx6ElSp1_gy2p6cbigzeZRz64cpuz-0ELmxdu3b4d9JUEVV_uGxCOFmIM0opdJxZkeKkv...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbIfZaNVrdMLOx6ElSp1_gy2p6cbigzeZRz64cpuz-0ELmxdu3b4d9JUEVV_uGxCOFmIM0opdJxZkeKkvqyt2ZXNYds5RHhA21Ac0YXKphQdc37HM2v5c5OJzzspdLyHz...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbIfZaNVrdMLOx6ElSp1_gy2p6cbigzeZRz64cpuz-0ELmxdu3b4d9JUEVV_uGxCOFmIM0opdJxZkeKkvqyt2ZXNYds5RHhA21Ac0YXKphQdc37HM2v5c5OJzzspdLyHzurFXql7ssD7lRipfWluc4&google_hm=dmp4glmXSE2v0J9xCFmQMg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FbIfZaNVrdMLOx6ElSp1_gy2p6cbigzeZRz64cpuz-0ELmxdu3b4d9JUEVV_uGxCOFmIM0opdJxZkeKkvqyt2ZXNYds5RHhA21Ac0YXKphQdc37HM2v5c5OJzzspdLyHzurFXql7ssD7lRipfWluc4&google_hm=dmp4glmXSE2v0J9xCFmQMg==
Date
Sun, 27 Nov 2022 00:17:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8A81
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN1hL2FgaCQYh9ralHjbiRY&google_cver=1&google_push=ASkJ3FY2Bj6bejcPh3X93rbdBGvWiOFUY-aijiaNCBMXpyxqhAWwsCXS8MZN53WKULrD8-R-HTF4cCNy...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN1hL2FgaCQYh9ralHjbiRY&google_cver=1&google_push=ASkJ3FY2Bj6bejcPh3X93rbdBGvWiOFUY-aijiaNCBMXpyxqhAWwsCXS8MZN53WKULrD8-R-HTF...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FY2Bj6bejcPh3X93rbdBGvWiOFUY-aijiaNCBMXpyxqhAWwsCXS8MZN53WKULrD8-R-HTF4cC...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FY2Bj6bejcPh3X93rbdBGvWiOFUY-aijiaNCBMXpyxqhAWwsCXS8MZN53WKULrD8-R-HTF4cCNyHRvJ-VZfdPocS8TkSH8JwVaCYqOpqXQ68mDokZySjUfkE0FAO0TDXZ7Kp7_HNjAjO2Rincroqg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FY2Bj6bejcPh3X93rbdBGvWiOFUY-aijiaNCBMXpyxqhAWwsCXS8MZN53WKULrD8-R-HTF4cCNyHRvJ-VZfdPocS8TkSH8JwVaCYqOpqXQ68mDokZySjUfkE0FAO0TDXZ7Kp7_HNjAjO2Rincroqg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8A81
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDRG44y_20IXy_kjl1h2i_U&google_cver=1&google_push=ASkJ3FZUXkXcj3iZ8nyQwwh6P5zWVVBfCyVo4iz3XHmkPjg626XwKyyn9Gny5sqa-RVdTicQx9IGGKj-JxlSIrl...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dKsCa37UT3F9I8wiSYczX3RaStA&google_push=ASkJ3FZUXkXcj3iZ8nyQwwh6P5zWVVBfCyVo4iz3XHmkPjg626XwKyyn9Gny5sqa-RVdTicQx9IGGKj-JxlSIr...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dKsCa37UT3F9I8wiSYczX3RaStA&google_push=ASkJ3FZUXkXcj3iZ8nyQwwh6P5zWVVBfCyVo4iz3XHmkPjg626XwKyyn9Gny5sqa-RVdTicQx9IGGKj-JxlSIrlICZA2Hfbw08p3LIPMNZkJPfG7MH5VXC7wTe-ROSz8iOR3ZKFFIVTdrXAApyvLLZV__ZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dKsCa37UT3F9I8wiSYczX3RaStA&google_push=ASkJ3FZUXkXcj3iZ8nyQwwh6P5zWVVBfCyVo4iz3XHmkPjg626XwKyyn9Gny5sqa-RVdTicQx9IGGKj-JxlSIrlICZA2Hfbw08p3LIPMNZkJPfG7MH5VXC7wTe-ROSz8iOR3ZKFFIVTdrXAApyvLLZV__ZQ
Date
Sun, 27 Nov 2022 00:17:22 GMT
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 8A81
0
69 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JD5f0ppDIVwTGwFnrpGACrXvDdSVn5Q6gfL4OJ_fjgKLPsROfN8XSyrco
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508239812&bpp=12&bdt=429&idt=873&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=2517652018912&frm=8&ife=1&pv=2&ga_vid=16333101.1669508241&ga_sid=1669508241&ga_hid=734576642&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770881%2C44777948&oid=2&pvsid=663942046339342&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9lkqnh48ukqw&fsb=1&dtd=890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame DC78
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a315744dee77b28d2b8812cc3c78ddcbf3674ad0e42a323db2f0d08e1a6cec74

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
all
csm.as.criteo.net/ Frame 5982
0
127 B
Ping
General
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=k6sxBrhV71u6x5MI2cK--ZHGO5e5Tp9sR4-zWx11y2KezKWtdyB3mJRLeo1_3NCfPhhMkLk9g2TkQjt4fXjWqjyONHk7TNWhILokmkMKiUdovuvV4JI4jDRewdLiEpk7-1vSIvazvDf9T7EmfYt5qKARNLr83a_1c70RspBy0HRwuwKdE7piUrapvK7dySNX8hVWH0yQeuntj1sFDpxkEzFGEOXGRNx9c6ktF8fIAtWd22_3FTiUG6e-hYpKPK9s-9ct02vG2jhXFFya&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 27 Nov 2022 00:17:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5982
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Nov 2023 00:17:21 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5982
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KskAAMutYKaFoMAAUc-OEJVIYCD-hUXv-XDA&u=%7CFs1poHeYXnNSnyvBoXZeBzP7eUYNyH83FXIpLbDc%2B3A%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq5Qb0gtGZhQ2pHyeuyEFKL6Ens0VSz_bcoXWE8W2yLppNDaQnxtdpAclXWLNu7f467qlgc0ydUT0ffGPqUYV_0PZTv5XE59ZAdVW9PCNcYs-OCuL1SGr2k2AyCOty8a4R42rwY0XwkEVp9R0-uMtAIQ048MHKGIc6Yv7OWKBZWU99gOa1FSJD8BBEMkmBBnT_skOIDTbiQOmWH4EH9ly1aTeFdVXnVR_PFR3zw5MpLgpqM_9KC-KwlpafCyXyeDP1LhWTT1fxpTpQQCIlRz6HgfrG66N_rxmopsNLNzRKyQZVlQRuUQlF987X9qe7YczOWFvC5Pl6j9yOcK7BUgvyh97RqZEiQ5ZUfRe-yVtc4AExFqlSK4jfmxBDqzBVMsNU6gE8C7WmN99qynl6c2syTGTSmHoDYttzyWDlqwgH1x5WBSaq6Hu1lDwjVBgGuDHTDuLIElMDXF0ZsU2yG2mTFCBKjJAF5rhWR9DudJMYP8TiwS5NLvv15_LT3yjrLhQxAkX8KA_Dcaio2TLrQzw59J2PJhbVRw9JME9C90SLjgx5Kx0jE2P_0SdhsPssha-Mw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJojxkKyCY9b1Moy0oQP4uZT4BJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAubyxXG4pqY-qAMBqgS6AU_QFj5hfgD7Zv26WRVrL-V6Bg8fiLtxkMK_NGJPTg_tA1ubdGH1cjdx8LTi9bZltK-cQnIuZ_uZLfoeHpwL9ac2-ZQA9nIwWI0BlqXkk04zWfIkK3SmouThs6-yP4zPmfA8m1vScH2S6DgLqYbGoucUWaXSNSJA-YfPlL1lVGZH5NrMUquMnlFOBq09pB91axtLhh3c1t04FAvnU9BMnfYnkqD1pSMU-xojQ2Ro0jbkTt4yq4QZLrl_jYAGtdv8ssvQgeppoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0OMAcICOsjaWQS4dUdsheQRDdeGQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 22 Nov 2023 00:17:21 GMT
p1.jpg
static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/ Frame 5CEA
53 KB
54 KB
Image
General
Full URL
https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/p1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4KsjgAEJcYKaLdHAAqBrRphmxOFm_xd3Hr5cQ&u=%7CsVDH2n4wXk7oOHfjfEw691mPmKT5a2CbU%2BLFo7ydk8I%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq45pcnQGbwcA40gFrmziGccKeRh2FSn1fnGw2LGgXmJKy08EwpFcFEvDV2zG4rgF-ys_1g6mSAyjrba6mZ8f8BH7mvFNLvNN6yzKGSb9uNqX_vvGMprBn4T3jI75xBaMHOe0S95AM7lmZ8Jlc724VwLyTB8kiLMjix4g7UPYHrOZzfO1N1wxTzjPXTkaFIVKaoVLfLV-zgUqtm3MiVHKsrOZdvuM4d94cpg3dKdnz6gs6vnF-dQcOheFaQT5LTtRhWMCnUNthBnlQQtCnp5BYC5FAWboNCyB_XZSVRcS7bjcnAds63UxCqDj4uIwvQhdhwyYMLHzYkDwakODpFkuwDWZRkYgKjQuKMlSvwUqXGFcotT9pptqU6jKPCDzpHtBpD3V-bA_GdPCgQESL3O6H7PW1Eedc2YSePu2jCiBwcGM2BD7tJCFYAu6fsalnL9oILY2odUTV3CoMlCHTpnpVvYu2mJQwuMFh6e8oFUjj5qLhR-Ow8tNghwOK0D-MdV6kzMz-exLOUucB_UYhFFXigUIGZdqLGZWF5Zsgo_YJzN1LMB6hhdsbumxYrPUq08UPr3oHT8Cr2jP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUw4_jqyCY8bLEMfuogOtgyqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLm8sVxuKamPqgDAaoEngJP0KmYYf7EpLBhlKggILHnu6KnRzmhiQmXLjG237OoEajsgEz0lFl_0ZzEg68ZTFhjemw9CLNE6fuYhxX5dgHKTeBjLefSoUeEICrWZFmCC7pZ43XDEEQHfcEeV-X9GROW8xKijsqLcvhIeQouzITF8XQqOdlXNsghIIFbGH8C49_SvGPN3j4ZDUZ83KEu0rJxrtq8svOxdmqLtEKZpUDi4LBnyBp40DKosrBOFJOOfBdeUvg4o0y_sU7b8f1swDmKPEEnahI6VLL5t5YpyADkEB3dJj6A8rb0wAmEkm37rf1vmgao_erqDPXKSPFrjcxEF52gx-HB7FEiUQARCuR-ov18EBvjj2TDOhfSv11jkMuAvXsRQL580NC1AfRGgAa12_yyy9CB6mmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ED5_Fc1J3NCq83Z1OEKRzCzhHUQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c9d39b0c6fd30f79e7feea1a01d35fbfdeeeeeda6a7b33a2f2f26375b9aa5d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 22 Sep 2022 05:30:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"632bf2eb-d4a7"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
54439
expires
Wed, 22 Nov 2023 00:17:21 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame DEEF
136 KB
46 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 27 Nov 2022 00:20:00 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9mLTE2cWluZy1jaGVuLWd1YS1kYW4temhpLXhpbmctemhhbi1iZWktemh1YW4tY2hhbmctYy0xMzB6YWktc29uZy1ob3UtcWluLXJlbi1saS16aHVhbmctYmVpLXJlbi13dS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYWM1YzFjMGEtYWViYy00ZDUxLTg1N2UtZDQxNDQ2NzgxN2RmIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI2OTI1MGRjYi0wMzQ4LTQ1M2QtOTllMy01ZjY2NjJiYTAyYmMiLCJ0aW1lT2ZBdWN0aW9uIjoxNjY5NTA4MjM4NzI5LCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXX0seyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI2OTI1MGRjYi0wMzQ4LTQ1M2QtOTllMy01ZjY2NjJiYTAyYmMiLCJ0aW1lT2ZBdWN0aW9uIjoxNjY5NTA4MjM4NzI5LCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXX0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNjkyNTBkY2ItMDM0OC00NTNkLTk5ZTMtNWY2NjYyYmEwMmJjIiwidGltZU9mQXVjdGlvbiI6MTY2OTUwODIzODcyOSwiYmlkcyI6W3siY3BtIjowLjAxLCJhZElkIjoiNzQzZmMyMDFmYTNiNzJhIiwib3JpZ2luYWxDcG0iOjAuMDEsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NjY0LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY2OTUwODIzOTQyNX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJpeCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzQzZmMyMDFmYTNiNzJhIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDAxfV19&c_b=10789.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:21 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
55 KB
21 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2005740243690629&correlator=2757327178549282&eid=31070116&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D743fc201fa3b72a%26hb_ap_bidder%3Dix%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D2437ea9eea160579-22b06bd5a7d800ee%3AT%3D1669508238%3ART%3D1669508238%3AS%3DALNI_MYjjqkpZbGWdjfYnIDc3cMG_h2NjA&gpic=UID%3D00000b83db21bcba%3AT%3D1669508238%3ART%3D1669508238%3AS%3DALNI_MaXx_JBAkL2e2dFKiEFQ8NfmnDBjw&arp=1&abxe=1&dt=1669508241761&lmt=1669508241&dlt=1669508232397&idt=6900&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=576298791.1669508242&ga_sid=1669508242&ga_hid=288&ga_fc=false&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
5469d9d2707ec8d436d4100ae5404f4da04178422b84cc3843b0ff676f7762e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21048
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D716
6 KB
3 KB
Document
General
Full URL
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:21 GMT
expires
Mon, 27 Nov 2023 00:17:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 28 Nov 2022 00:17:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A67A
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a62b023c816bb56c43ee44e2690797d1ed55490868a0b141e38e445b50dab036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12434
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A67A
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 00:17:22 GMT
pixel;r=1913859735;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html;uh=e51ed67dfb8d9...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1913859735;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-986546504-1669508239278;pbc=a87433c9-c928-4618-83d3-305242b09116;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1669508242265;tzo=0;ogl=;ses=8c25f539-f1f5-453d-b29d-80a2404aa803
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
container.html
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6182
6 KB
3 KB
Document
General
Full URL
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:22 GMT
expires
Mon, 27 Nov 2023 00:17:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F4D5
6 KB
3 KB
Document
General
Full URL
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:22 GMT
expires
Mon, 27 Nov 2023 00:17:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 97D6
6 KB
3 KB
Document
General
Full URL
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:22 GMT
expires
Mon, 27 Nov 2023 00:17:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 28 Nov 2022 00:17:23 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4B4C
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
59d05a5388585b1e7bc71cfda944fee6ebe0d77897f23bb3f1c785edae95ab55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12367
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 58A3
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
eb37eefd108395c9e1fdca9dd2b6460d1c0c14a05d391cee21c996ed04a1a67f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12406
x-xss-protection
0
p1.jpg
static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/ Frame DEEF
53 KB
54 KB
Image
General
Full URL
https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/p1.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c9d39b0c6fd30f79e7feea1a01d35fbfdeeeeeda6a7b33a2f2f26375b9aa5d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://static.criteo.net/html5/97892/20220922_fy22q4_nonpro_savvycomms/sushicat/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:22 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 22 Sep 2022 05:30:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"632bf2eb-d4a7"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
54439
expires
Wed, 22 Nov 2023 00:17:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A16F
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
120257
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 14:53:05 GMT
expires
Sat, 25 Nov 2023 14:53:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 39D2
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
GSE /
Resource Hash
7f44d4de5165f4fd18eabdecd1292b5d5a815e4465f32bb7d3bdfaca895922d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gBW7TuSMxi-ISMxQ_IL2MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-gBW7TuSMxi-ISMxQ_IL2MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:22 GMT
expires
Sun, 27 Nov 2022 00:17:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 485D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=4330118342677897&bg=!ycqlyo7NAAbvMpMzzzI7ACkAdvg8WgToB0cgBd1sJWjl49l6qlnW97aDiOmSqYrHkXRrVQuolu0dHwIAAABUUgAAAANoAQcKAJUXfKyi7Xxx11DECb-Q6fXrvGlILWBZNDmnTjQxOoLhOcnJ57q9sHEJLDiiAanssx-JRtotuVUqaylPo7fkOmGLQxMSiVTPVEq0ALKqSbfbdZQqoJZgQi2gqJ77IJA7xkhHD1VzVmjYwozOme-JAERxMnDBt6EO9N0gnJWAmxziFN5gLojbbhPmdkvf2wP84J1w77cBE5kCx_62-pslDlTS2KPKFgPETkBJgIUqYAZeWiY-n8iYgn17FjvzxTvJO_G6mUG6g6n6zZmTo0YerN3Ib7DdFBRLdDy8BwbqZeXdcRNq8GVL0znAwrEbeMpkXYODoXNa9lzPNIpAQeSzjqpkrsXq-eho9oOMx5S4N9kzX4OTIXjJfFev17qDy4RxEhp2AE7dh_ALmyrTTUZ2eMyiKs9FtkjKIVhBBGkStl10rH89OvpLCl804oORtiDmQuI02DhMCXC9uKI9GoFTmdOQ4wk7NnRrw1EZs_txuVJnqHwLlMLYR915Yhs4_lNLEqGL-rjUAQmp5iiVdaEpJvC-ZNs8wVGCPgmkeRYbNjQ5Jzh6KOBk9qY8-S69SOsXZoWxFZODhXf3TqsdWRppMipuQUWNuese18zC9fH8_RDjb0lbsC8qbeSQZqXeK1D6OCC2KxKKmikFqkhnUiXye4pVQsWm_7pNXEPeXIihugqlbNajIMmd5IUMSCS8MQfEWf901Q6_ah2ra26waHFZunSGk9Ms0jqX8KPGsThIms6bitFORh80CV-Wbd5B0l4EiGQSNQwixDke5fJORu5tHj7YWFLZrXJ7DmSMpZPlQ7adOBIu5x13RoA_xUtmtP5GiuVxmHoMHFf20Mw-dXtVMTk3IyKueXfGSaEyJzvo-g2pmzTqAHn7KbLn7eDCD3zYDGexpwQ-1oYT1eRYslX5Lfe87L7g2ghc4LHST1DogS5vh-YovT8RMCeFbqH2EA4rutAhekHqqEEOGgPXzDd8qS1xJXZKjawcslSgilLrrGISpQibpgh8W56BgD9X65cM6dvhE688DeKhXtE5-LWz9ZgZMzIS_-99h_fcdp3FgNnazTpFhw1yOAdwMCk_XoE96kpVuvR57-rgxm-jxNsqJ9ajzjJYKU04heTiQuz_UUNuJG1emkUhZQukfUWmB6KZSw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 0F46
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1703428166661079&bg=!4eKl4qbNAAbvMpMzzzI7ACkAdvg8Wrxnd7tB0T0OxXhsxxLqu_UxJiCB8GulH_X0vIdZYaLbh0co5wIAAABpUgAAAAJoAQcKAJVGdMqYflBphtx6f7khJNBfYBhqMoQwYqrOPWfOKLzw1fB0N19o6xmXCCRvrVQ_nia_lm703KDgmo5ZZ9aTllvzUpxjv83JLVhKtXmO4lksl4368Pt9wUnCxvL7XZaYszp2czmM5M5EB1oYCBedTCP3vr4P7PiBcgXgv6Gt5bEUYdNBgG4wMxFe7jwleVjAPZ8la93-U5kCxIxDpmEstowuUw3McbVY8j81cp-s4bnJ-pzlDQZHF1mtPhyvJWas9OcnZSnRHvXn5msBBQR9Bni_YI8toatvMalYbL1KyLD_mIfaEaSlfyLE1nsNACNqAJUkr9xKiIruo3QQt9opl1fUkOpwfo_RVOxjkLFgti3r1BJmIumDVHORsbGgdTKRETdC0cQtAgpKeOr5-vNN3i-syfGMw_UxZPylCvUPnpDL8qjvTV2ZVG6brkjn_DBnJOQvLB2ij3YVlPDNOh3C8nuHSJf-FOJqirLV7hxDIUFJr1en-kSyN_2r8ywBclmrAD7QAk0_oO2UGxAbTPZgUbK-HPZaE_hO7Ud8AP6FADYYZ0pgvZFGhuxn4Jjc4N6o36zy6x64UgA_i9URqOJnFaedhTrwSdcoJ6yauCIdEaUmrH9awiqu8W26DTXOFfyB1x54O2qM0x1-RbSsBillv2YfpbuRLYY0ycJKTk2xwGu0qdi2ok38HF1EmKLPPwxKaNwxHlqnea9dse6iArrSvOdz3y-NFQgwQHZ8uE-a1cOIAGAFHtws1ITsvN4LJ3cfIbI7DaXKCxJCm5LkgYw8uSpj5BZS7MM1VOU9Dbz1YOxECjBUM0dfV6tsVZQPNWCQxk59qyTVe7Ts-1GflbaOpS45AcoMsSG-APWUGRFzRSkxGjLhvWyB_UVvcqqfcBWZmPXR7BdVe08zk-RnK5C0SPIp9zso4TnzAJzGmgRiabf32t-xm7DmaW4AlBNGeO2N-HZqMoBHxR3arWjlN1FjbLTlDkV-Ei7Knqr9kFSpdVBx4QobJWvl11bsuBcyMQNYkkl1nCMXzIkGraRuIbXs17tkrWb4M5cwgqNMOSQ0Zu9rsR-hnZczyX_kmvj2SZtqX7VPgIaHFm5IrmP3aBZam4cyFlHqWYxZM-tdlkzdH5Z7AXevBUooCpGUiw1WrQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4B4C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 00:17:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 39D2
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1713591695959193&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame A16F
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 23:01:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 58A3
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 00:17:22 GMT
collect
www.google-analytics.com/g/
0
106 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=288&cid=576298791.1669508242&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669508242&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&dt=F-16%E6%B8%85%E6%99%A8%E6%8E%9B%E5%BD%88%E5%9F%B7%E8%A1%8C%E6%88%B0%E5%82%99%E8%BD%89%E5%A0%B4%E3%80%80C-130%E8%BC%89%E9%80%81%E5%BE%8C%E5%8B%A4%E4%BA%BA%E5%8A%9B%E3%80%81%E8%A3%9D%E5%82%99%E4%BB%BB%E5%8B%99%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1460
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNX0RMkMtwkmDbJ5Ba8XZbOMmja_qJSkg2Z4lbPIZifVBxabVyF-kYHAGoZ-XrwHoAXB7wV4-qJ7f_VtLMcHPMpd8iL_dQ
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6182
15 KB
11 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bw84vlMq67cdsDN4boZUHXbq0LZGSoelHl2tJEtAx3HyuV1O1ENpad3PPGDJvdc1UmlV5ZX4eJvhqah1ZmpPLacoR33iERsFglqfyHX2u3ut9hMfg7iaPfReYftn4L4VraObEI00UT-g1QhnHvX93rLL1BTE71brJ0o5gUHLN2L-O7c3U&cry=1&dbm_d=AKAmf-CCJtM5b0Skx_76r3xHIiFiqy32xUDDHjmtK11mlx0hY_xBGkdvDVMTTl2PhhrZT8GyzCq-351IMxjHOueUPyhsbnuBhtFZ3jyRJCPunBIEHw92h8yTMKX8WImyJCFuSQQ50VcEjBOdqXPeRtXk0x-Yka1IwTBdygINOzYnL_b2vb-8Rafhlym9QztOOyByYrqLxQ31kPeD1pGqvniUntzyhtirF2rxbYvp9ExAXUJl0L26KlAQxw--MhM7sJ9sS6qqZ7ipxYhfbIL5Keha1SpHs4cemtJxA73FwMBSUwEPJbDdSMVA3NlKl1X0UODCgD6J9kQ0LIT6RTIRbB1k16NJfjp8wWQ-SqaHQwXlkk5-dtj8B8sqK4LVN5pU40woLEI051ZPhskBIq2OqhXh7pMUMeM3rB5WnrP_9-VryZul2RACRcxIJ8RtY5Gx_0MUbYTNimqOGp6yZoZKcChZCGf4FPWxrygdNITUA1LgpbLG2H_vTn4kKV1pImWtxomVKzAkjNjGdpdsLw6idQE2x_vcSVHfKfAUKPyBnS9LAXVuiXVpzoGNP9N1oVeyyQEXMJZJS6AA9ysiA7E40HK3xyqDOHA4iqa9yxmSg-Wod4_hOstDfcN7RSR1kND75lbA7dvpLILU6porf3EZf1Uaci6_Ut7WNBoQcqyj-EwNcRsVSqsVaSCbluMy-TzCYGkWEXH6UBpExHVC57mZdenjKEnG6YQIntEsQ_KxnCuH4BIR4lcw_V6DvaIYaqHMqKr6xkH-ooUomyVVBv8UvvWs0eL06HoJZHAI0Pqml7iRq-tZp8UhEo23dzVvMm93fZSXc18oi3DvxEvQy2b2jCwHMIfpLCXozmbx7zoka1PxETkxDl8C77EKC5Cwg2-jm28tBFE6JOeNN1zkw4afDjBkeCSFv08iYsgjc5YNurLM_Xfn108HviqLM7aECUFD1QLc30y4N1OCA5Nl_UVBMHhWuFOwEbHkB8KIlp7YM5ZBw-izRsmUe8PHg8SPLgZrQtzlWmXSErieCgJbVsDjfS-l8yfMFaiympoyVbSJOG04blScivJW1y4K3cU5AG9dJjvSB1H8ZygEflEy68kBfSzlVGF95wAAt_dHYr3lV4tMwFaQyncs6204Dh7-TyRfyAEhc2pH93p9BJFnZ3uqQk9DnG1wNZp3a7xaYe2PSEikE8WcRJyhE-4n1uHkulIKGmTyXVwRTuQLK6VJNncDQGV2CdBl5Q4zBknG0V1UkqDhvsUVzDJO5Ek6ezGD4T2YnVmrkyIRLNdBlBOF1sqWcOEKjAMFVMyk-vq3hDEFS6cR4U7bzNxxzlEH0zct-pJvR-e_R3mwXhBwFpLc8eGtnIlVU0KJshVENWNsL95heDSrJEmRsfeKvC6Z59IFK2T6h5S7-bZLUuWY5hXWo1PNtUQf1vjNglnruOUDEL1oCl6IL-lIB3Xs5o1ZKZ-Soos0H_LUzgEiO77bOoTlzDNhXY2xrh4TlwWga7PE-jBvN-ACVnUUCT-YoHE51oMiKhd4Ff4ZtUDRvtEP7oxIIG0ACq3BHoY74IHObWFcomUlKQI_MHjjseR8AjRJcUX80h_COf5UiH5lW-PyfkoCRn91EUExGKRi2X0363gJ4TwaCULMSeRCMcLgCfqG_IrP2J_cmWsMu-OgfThlgQDeamVX2QPhrkR30uhlh5dnZVmYXPyJmHL5Febtkmg9cDt4uPxrReJ2UYfKxiUV7vJORmSCfL32HAwv_MyoQISI9IULb4MIQMljrktOwswcqS2BssxyQRWC44RdN8b6HKuwasaxypfTNC9ZdrmY8ihXgn9cjLyivwqRqkgQEFB652X-BbVqNsJIdnbcILJHYSac-ilA7rEfbZmyhKm5yaq1iX0zinwnh3KMGoBFeZTs2qdVkhja79bRj-AHKux7tadIkiJ2EnCbgoNoV2TRxNt45Hd136dR-YxbxqbTky7e-meLAbMOITcf5vs4xTotJYkKjFo0sgw2rp-7Fg-jHPtTen0XU127shcQvB3I_O3X93M6iRtoj3tvkM8dqoAXAOdtCYsgtz1LCNqJZZRqGvs96QuRLwG0pKHzLYfUC93SBbZerOUd6KY3aewl-27nDqZC0VSTm-lahJ0QzeDSaW4gY7U_1kqZqhxJ2-NLf9QAvtmcOOxMF1v9xvALNBBf28EjCIKBHZBO91HqDQFzjwbRZR1e_RfySh1-nHubeaHlmVba_nb0yjOu-HmnLv0GoNDA8bwksDgaCRyg9sjubvj-goXvInVKMIVArqGd6_jsRhWIWFpa_OxWCDNvwbxuA0MUllqoKPTPLcmavkc32Doj3pAjvcq-dX4SUtmzrvjCLYWl6_baNz7a3KxCT7fL-IVUBESxdvAsJCv-6spanbzcvXqoTOozC3WCz4DsvrTwMpP9CgK3aaRhcb3ddeTko3zLRcBr_39bw_Q7FlYi1yzDy1VrffIbeyAHWsEBKOUEbvB8XmcPiWTxngUJEyraIB_QFV4dnmZnpaJ2BHkPCxe2GQVczBo7RwkH3I7iXI0xNF3HKCB9uu52Qsc5YqMK6546X2urJjf-k4qIbra36B3wvjv2WZepyZHQBx4Al8Q2Xf0NlLmS4WO1nx97Sa6MOoSHZAiA9kknvRH7jdQAuvDVPAqmfDnbgeuI2KLP8Sn1m6tgkW4CwDD7_-3BTMXy27l3_aFVkwfLinuPDeSt5Qys14Ym71g6dVdguUawyIkzeT_0VkAxaCKDNQqMZBN_2Pehy2u8j8S9NMHFhreaqSQIUeTgzyq79C9yEpEooRv7291Voqy85fB86i0jSWevAU8nzb5z90TQXi6h1qAWnlmu9MD2XJwkOj2YxM8aRRoeUxctOMUazVLF23lYIGpwmLE5WQAm3iCL2h0XmvF9LTQTRbuPStIp5-z6zwD8QJ73j9H3u82jFYIqs6cvU2RTi2qcxC0pzjwF848-NNSGotn2AfoqlmLB2AAKUZA86RDhJh6ct6rrIoTojJLor9hGcbAXoRObAcNfm6uYIJz7rg0Gu0YT-TWFGO7X2TCpLxjrpZqDfm3Xhrz0uHw-pFEluybZHsoKE2J73OdXwPxLtHx3sDtRMIlnJ_2bd1w_59oVXsurvboXm9qbNC_KZ1MI5HlhBdNbNs2WUR5Zp0vEOzuis71KaEkh6QiSMVdh39WkDowRKez8E0fKxj13ZXUBHXqlas1YbeJ1MupCOzobxiAQDYy1QX7w2h0OKt4tp71qEFRPuyNDQuSgn5AxLJhdK3QHb5HGN1MngpJjLt2xTRBjOKByy8T59Lg6rL7NctcavLdwh_4czlUu_bG19KbX5XUcbZfPey8q7iNuPhbO7o1_TAGWdADsoTyALbbFR9JRhD09E9C4LdisBnmVqrtwRLuohvgk_yWEPTISuoGOYk5eTcV8utNKFe6c8pInbJF4tLdUNnj4yQtNnU2xNbEWj_Jqx_MlCetC4en76IiG73lldjJyCxhJZ9iWrfnSrQbMnRqPT-oyNtMYNFjC5amixnEX0NPhYlmOZi5YZ1cEIfVXKGBaFBIW8a4X_mKV4D-21mfx3rBf6msia4WelTWE2zesFDtHbEK2YanyESFCMRHKRAT7SX-b1dEL1blyO4A&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
3b564c321b69cb9ea6ba3750cb07306f6f92862cb23682be0eb0fc7b4b3af660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6182
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aki-cHJDetjk1WWJ9FWY3Vku2tZbZ0JQWf9yY5dbF01LJXGV5Jn-CMOkflO754Y0tRnPyPK3D1PFez5EUAQTLsLtK1u1Gh3zTol_yfPMR6yiCOfo4
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6182
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 15:03:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
33209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 15:03:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6182
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
28571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame 6182
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZoG3HKPp4hsXUK-q43j8s0Muxj_d82YAFVYcFhOuklT0f1p24QCy9jig_T1DVUFNEVpWKRAV3XagCIonxcesmWpP57g
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6182
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 00:17:23 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 814B
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIzeRBCm8U8YlImP2gEwAQ&v=APEucNUW4VDXYSSky7--orhyhW6Qs4DR3rPrbnOugeex2icBKyocPireEY-slXsshvStNvdsYaLy34iLJTkB1r6UnBMV_QM0Jw
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F4D5
79 KB
34 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Auljd8E3vRP5KY0nom3xedCf8NnVbawzRL6k24Psf0hZ40mXIkQVO_HjG9SHVDb2M9uclSaOeCrn6brLe1wTDo6sSZzw&cry=1&dbm_d=AKAmf-AZ79bnuy-Lv34M_QjlTTrSq2fUWSI35H9yYLH-kOSo2UmRylsblvsMoQPZLzXrDBfEOPJ7ODDcNEMH661lIzlNXO1eb_3Impa1j-rACab_hkwEFYml23WGq9SKcRoqNYGh3ITSGuzVxjjYjrUz5PFeeOTm79gNIaYscBnSnnr92OWQauUlhZMi390wlwxFr7ZHC1l3Ou4HTJ6_JdghRt5lgDT7ACXGF_9Bwf8SIKzQR8Cm4k3rBag5b12lpsx11BEbzO_fSHEoTamamo8WqDEPyWGf9fnKKlnT-LtEG9cUjMJ3e9US71y1r63I5YIubWqjMZbffkZ8L-YUyZfE0X9W5HL_C4NDcZ5xFjw83MMVsZUHRBUBuX75qu3IUtFxk_4SuzZdR2gxOdeN2DhIG2TrAy2OIVofX_7Lj81usMT8-w3l0Ky8W1w12V6C1R5rE3BaXZEu9soDJan-8dq3-AnlQyGDGAIG7UQsg-C_kR5cBYeD8xD4Srw7hARmufsL6V3XtqDAdBBvonMAXFGQ6j3P4VkOBJHFN3QX13RJc-BvnpmP41Rp3evQ16O4GKvrz4UNUBWDygFtAT3iFrMK13srA_bMgbBTOeTZvdP6vfIRaT4X95n8gspB34JiZxFPmyGzZx30rhBxBy83sFy6_IsTmyEc4dEk6lOAGspYtiOSLUv8rFjr6yGyLvpGCRHP5_6A_nIfKFCuXYblY6w-KEt2Uql46wXQQAeU9YI-L0DZIpILtDpFk7j5vhsrAIaqweuij4r4BLVhKcuQ-vzjmqpnr3EhMNio-ubXdsaPaybtp-s2H157XvYd1kwUX297mL8jyl9gKtdXJaXPE6rE8eAMhfqn2ah0ci3FzjOkQfNMmNA0J-7YkrSQxEyQLL54Ei-BmvnSKPUXZMGL2AhUpcmQrEaT1HuNdCjRFctXKcnbtojxZ4B-EFEB2q8SnxC96OrpfwVKKcw4SFf-sisD2ybr0qa3NWKsZaizfkKbWJJJnNG_Ty087wH8PLdel-FOkOX8YssjRa13gARcOE_Icm6t2cU3mpp_B9shx-CvTYDaZ7LQvOOhGC7KqxmjivMu3IcXhRv3rnkadH-Wd7Ms_QxO57mtulCMk5N54beBQVCjOXf8hbeMz2DIZetl2YTZUiNRy0do9qIf2cXncLDIVrpsuBvV1nqhqgqekCkwxz1ZXGYHglU3Uce4gLCuQ_O3cAuyBJB-bqeKBiNuquz767-yv_1LarTIPJSofAisqvcS8p85Wp034C8E5gAJJIP9_eMFC_nTAb1gc8OKBcCgqTGr58eAXbw9NfKgSyQZtGzh2deftv-tH41NxEwLNfWHAiUJw7-ayNJCww-kLkJVQUg0PGN95PdwnTWIRSng3UIBDTM_TYtJrjBLHCbAs2ylyK9B-ToZ5vBM87figViWFyVGw_nWYkp41UsgTGonmj4eNm-ssgo7ZOO35LMRNVQ47O7pfJWHzKQ_8uaYfGCvJ5ZBNAwXxCKPqs41X__D3tpf2iwnTPMbP9Qf5-Cjy5yEjpfhIQJpUsPwgwTaSpFEDreAZZEHIuBMkMqkQWv_5ARMny6S35_NqZPlofK5VPNscC3jVRELfe4IkjoeBWTHH2C766MQfhpZPFUJmieBEjPWar58cEpL3gHMRC3yRxrztXePbXpX2dLyMEGrmSigufmwEqJ-1LpIeCEqiEbqxIxr5LeIyjb9M7k02XaiUktuYQObMFIzbUDBqpqZBFnoCZSn3MjdI8Zr2GGDQhuoufSQaBu81eMcmo3GiwxR350zK--zampI5qFvSEcrlCQlPTrnsjdB7IwYUItAlGDQ0khyQ8FtGl-eoUvT4EbLXVpnFY11IalO2mM84N8t1bRlBo3Q7hpW2nxvTyBeJw7fAEg73YDZDv-W3mFa9NQkzvJtNmlq63pNwbsWLkpJdIO4btGdpW_YEKGo4vuEguc8QsHbMYASJuEksArkib26i_QxxWy-9MuXHpmo0JQt5FNcG1-3m-I4jaPo22pdZhBKAqk3j0fg_Vto5flrKfmYFzQV16zRruJqmZ0oHtWrTEPR-iXNOnRa7ZQuV_ZLLeZDR8wzGM1LtykwUqQOrlFp00gVR4agGsXrvnE8eAzu1sUHGV58O_xr9Mb9Dft2UBBbxSn0HNVnqp6XLVuFMUeTxkvWpDGGbT7q3ErUvNLKTWc_N16n7FqveqFZX5eOd_rMFRV5vWoqc-X_789OjJGEh7swjUAnXJ6CIcEF54_scBd1H76Fe6mjou1XliPQI5Mw2e4_e_U2bsrtPq0YQWXGd0yBC_hVCDav8bOm4a8ii3uL-1qgqbUqx264QZnVnIMf47Y6BUdyaRHFlA7lvRmYMSWu2ybQE9cVRf6Vjuom5T-QvbG5HU7iX0Z_vcJichOL4v4UjJfy4NGjCoYOUzoHyiDFX4LdW42WAqo9K3fhpKB1unGJz2h5_LJpVLpqFfRg6GxMIUtUB_pkbnsTV6oxprryqdM-q2Gcs4aBk1qLn1tXvslW0I93tvxE1cXPxGQVW6XAcDh5VrFoSEoImipzXtwY7YpcYx2242BVpWW5gbM0xvYqK2IaVtGNW68TyANowB1kfUkpAY_dmQ1UrbKh5XBuPUDJM-gKHELiC9mlQJdNqPlRdHIFYfH4xZ76f--yKkaXptvnxdgPYsffP4sLB7pPQIzVE9q7lM0jUa_q2-tRGdMBv0u5gZVG_INrra8-rH70trylMbkqIfcWvmgF4JaBdDZ23mr0ZpmCd52I8xJ72gnRRh8EHCVjkBj7k_973ycTosivprVSLDc1Mwh3Q2yOLYd9qJ_799XcO5-iIs0TQ2zhrqUHG4qe_K8hQtLpzn7nqVj29_1TLoGfvngjf62knJCVH_ha-XutgMMhxwF5bFle_KiprRsM0o7-02daQh34VJgxrSiLTmZcZnrpk7o61JdszYrHL1023xjcIT6zZFhQKRXz3VdDvE-5zrYgz3gdlbjWVe5r-6YY0z1hiOaKU-VaX18PeLboQrzOuVido8Y-3XFNK1K98jzn3mSs_OWQ19KumzZTr2ffdIkUmMUmGf5U2TyW9HkZDvP3HKl2bchcuwv0OkiYHURfe3WYP1k5SWWMSDGWdbwuoBugw2yX7m9_FxaOBybGwCqyRPleLatZg-2lnYCVabeTEl5LSJSXaOqHmHEC-r2kn9EHfl6UIcVRi41bG91IiabUnU9a4ruTMA9KR2JMt-tGGa4EJl6UfwcGuzV0tTl_uIspKYMI5985OOOfjnjg-1FApFTLyyMW5IGxNtnObDWrkK-zd240-MzaaihiF_8MNDhhtX9m7E_iiuy6JHXx-5AXBFfjsZLkCdfMAjXmKd3IQUltOuypUKyLZWnLCugylFBVciBaFTzKvH5z2BwCgWXgQEFbaePnkS8b2utMn_es5iR1WH5RE54RtCOnZWZMZ6bt5sAvYNpaApohLgPpMFXHWqQVImLUPK_EhtEK6DP2EZltltY5DD6Y7j9eITpTAEENJq-N-r3-ElqMihtxry3uTGrfQDTpMm-Bdk_Wrf1kubp8VxzoZy3GsB0&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
8c5cf7aa391ad3090dc7d0dec9faddff86a1661efca6a9fa1a7cb951a07a1942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34410
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4D5
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dv1mGWvLXvx7lwhBKhoTCM5rRec71516IN4dJMK0NXaWZy566m4lIPUl_9EBciL8YP-NV-_j9hsHg1CxtJ0kyzD_EKTiYJ5APJvPIzJrI9-UEIX2A
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F4D5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 15:03:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
33209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 15:03:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F4D5
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
28571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame F4D5
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXhTp2QCaAYVIoI83WJkU3U9o3-F1KiMINWYtkrpUNi3V7V98_-9_aMfp3pW8X6W19NAetx3qTOoVc3_K4pkarVPAvzA
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F4D5
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 00:17:23 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E9EE
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGIbTltoBMAE&v=APEucNVNL6xJwzOm4J49-zCx9j4YLwnAr5exbPLk9hzmNQh720f03nuMJIz9CH-Y0ev0qJLMcLVtztaVHoryOfJaGR80ISgTTw
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 97D6
67 KB
32 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkhyY-mcMgx7ZPX80yMe5PxmYhnXiQWV8BfI4wgZlyPp8nfXsAGvZJ4KSSUwa6VXJ5IVwSOy-jC1MN0ABCnZnmpHJ7jA&cry=1&dbm_d=AKAmf-CzBnNE_KnGJIRW5A58SBSPM0r8t7tPLNlW6dY1GwJXcsqKDAgnztWC198JaY80ZtnbwaEYdFqFu0s6XSy1k-eE9ZbgeZrJeVQwdMyN-lK8d7oVMDEJQfP19b2qw-NcLWFenCijaTm5DPGQBzETWSi3SETMv7sQKv2eUJ4DeybzOtGJNcfREG120V_G6TKa5IKx2hJFivaK1BLRp11-LjYBK7gL3vTUjVtnT5r0oceT39MLhoaBGJrL3PerGKeJF8rxaGBUjGl-oLKA-hGxmHp4rINZ2zWKtzA9PETjiRRhAv4OqYYVr83Kk6LlZFcaAGx2as9ovLKwZzKkTXZNEG8BmuSoVejvi_kyzSi_lc_DNvxVWJ2mpvhEuViV_ZPcFhW9QNLVVsVCvl3VxX0HS6Cn9q0msYeBUNA-3Z8DXVM5eCtZDArJgc1jAGnGdk2QGOPx9Ca_Hf31Fw2NzTYRHG_M75I98Ppf0rm97MTPMWm5KzNSzT7HpFxqfTnjUGoVae7USAwST9VOJldFj1Z_3toudb-JVn7u7Q5YhNOasfCmGd4W5MxbJ08MHJkJtUVMH1w7FAzCfAo87LgF0ZfG-yDHmKIFHSwDMEAz_4ztKig2Cqm4A0avbdPdmD9c3fy3wat047xOZ2Er6jMePhSH3h5KsT33-wHINBzFuQLqTL4ZkNmOoLDCumGgq-wmUeb5F0d6rRdgIX7lScE6Eg933hGHdTOSELBDllQfSS6ahIKLObv_gfmRmbNRfJrBbtTSDisTwmwUF4j0hGNpPzzy6K-LZr1YZ_xOLmSJzIl93kQZcXxM6IXS__hZU7cocxsouM6N4KEmP9My_6lokG52uF1m9eMmaCqLAwy2Zjmp9VsClGU0XjTGPjTkSdG8r95nTOATQC3XcrxpjmbAhtthhiwLPb7BhjaxkO_QZ-lnvpjZ3B6ki7wiFvjMEeEznsAW6Y3-xdEPpoio4sFlHDJDnbnV3tCh6V5XevDuvuygK8QqSjXmrSOTDAR78y6-QM8O53illAyoWDCTNL-7bqar6ztU9bMJVFBMoidgQ1GkXfu3RCcDakFhAwN_mQKhzuxa8bHohy1GOcj7bAClOJtmuWM29lHKbNpzxivRlEdBCm7Sz8eqUT0D23QMb8BUQ1k0g6EMx4-UU990m6MrSRGVUaXMCu5TpzFaAXYGcjBD-GnGc9gG9lnKfzoGZrB8Cxr69zhKmEjUbjvaj8o7vyeXKlF-gd7chbVAt1pIu0ScASgdOgmnTsh_-0jWiXZXkaF0MUXom1dyoMGfSsTwD5GG-RoCCKMkcWA7-ycXHQVRp9R7JfG_FH-5FYbBOjHSa9msarxIo-u3kC3gM1dtLu7ZUe3ZEuZZYUVhK5k2KgwSjAb1xREtC4QwTr74yWkcSv3fDwmxYsmrbxlSerHEz1v63YwI8GJ1pspU1Dd7IxYHGkr6Gmfdi6lr0Em2legpzD58rVNwdvseb-PDfndOQTMEVv1pepoVfhTVCF_SIEJaQwF1rHT0COrUCCrxpbc2sek21t9dBZiTzCLACMhN6jTKRdiuiS3bQsXy_w3meKaduqAIphRWGGxiP1BGvGfZUBIXBCtnR8OGUNRkMrrAtE2JLdYxnI_VT6t89PShk0UarOS_CkIgpNN2yQp0C--Ud6GI2U1ve-PFAKwmu8_23dpRa840-PNv4EvdOZpw_GVk3iEU667h0log_wOP4uCHHHBQ5T2h1C9jU155e4KGFelaQHNByRvemerZf-nZh4aIbqCSwWo5iIpa6vOUQa1Ef33VK09b-pfqaQUMmlVM1NneECk3YPeGOkO5ktaKZRcbHDWGobCeMRLXwxNYCf792Ki85QfB-Suucy8NOqUtvocLkOr6mqielIR6Yo8WJY1XgixuvFr61H9SCLLzQLKrhINKAZvsIs7x64HkUyJeSJhkJQXZTpI5WKZxjVNyj5lO8YHfain7HrCnH8DBJIMq5ulimsp5vbbfYlLnYZIPkk9FYbUWeSp1rl5s2uoYNmUKHArUnW0DwTQM38tmrYDKfoCzKKje90TTRfI4TWHXBIShsI4EOJpStCwG1LmdGRXSfK1M9gqZ0pci3Rdh_rRkLkXQ5acPI3N46d_LfTyhp7dy9KyUzyM18VHRrUZtHzemkr5eP7uATGe3KPo8d0shcUYFAa01XyL8mS5JEopAJs_Dl0exQj1nOohv_f0RFlrrNPKxR4pLwtkUKHJa8sdCl12TvAvchUkfk_RbfFQ2wDi_1wnpOi20Q-xUfFmvXvNvn4F1WKC94ll3BGG4RXa8GKs7zwkziddUwnQGM8-eNECGmzQIxs5ny7dFuf-13LolIar0jYvi5goF6_80LQPXU9B5vtyeF6XBSDWVtXq_fXV1jJwrMpZtmkOKUlbDY74HTEQEAfbSZc-jAJgFLr8mNYjVKteXtrWkTl13US0L24FycQTURDs_f0CeSEeCJ02FZhWpxPBFfzaOukG5BKjxSmZ5cxp9XhtJ8hgwo_OKnPjBbifVcBTQbD49x6NjFLUb5kAewoGFDoCVoh2BwUMHKIa1L5ODoSk9s6rwN6wl6TWcrYVVY9mb3n8D58s1GYFJFoZ8UmLc9TAI0WBm2z71cIyw_iq73PejPfuSzYswDg0X5hMds5l5YQCXKCqahZ6NuA0ZUhOZiYvREu3A2b2TCuvp3b8Ndzc2uKCDgwGx4m4OUTUEu9pwip7PIEop5n56ZnW_dk2yk9yfRw4S0ypVlY9Ihx4qOWp_DvrvuNWoa8TMxNFA8m0sNxXLzT5FCo0KBnx6TY0k8Zw_QplTAQgmsoDrqrRQHSLebBYOfMQIQcplAXis119884Hekizny7oCZscHrXm_SDbSN1IcAuXnXvxcUWJeKfwPTSFijLhEeYgl0uJYC9xLIxHj7ujzgNGb4AcG7XAZso1f684T9M-QMs3hAA8_ag2IrLlnvr2hCuOEAD-jlu48arUR4FLlHANC3ULLEYdP0NCqvsAQ6lAFTMPPMDoyUBL3wv4d-nfQu1hrR5EUpMZkHAuzg3pUWyf_5XVBxpn5Nt4DY1aLLX_N_g_LLg12NcvYxxuNSUfWtThBp_NyRMWJ6t62ZBDUIKBA-MHCj94l4DAqy6dTOkr4UMqF7pCjGUtwebV-Jiihn_e8N1B_Zgh__ahO0KGgDtgGWs3SSs_teq4LkbMa_EmLT9hPOSyr8bBkwwO122ZMWgW2irdf0mdgF6Ouohep6D5gPYtcayzD8CFZtIMHNHMLgoN90itr9cIm7jXVlb8p8rwjeLZB0JjKjBZuUhffNfdRh44nuFOhX-iHEAFLI8ilY-XUfKAAj2m2NGqk7JnhDiEigfHIv5jdaG9VGDmCShuPABpUUkHSv75HhBz4YwVocYBhYBMm6pU2&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a54bd6cd6bb3a2cbae6bb11fa81b95ba3dd1995ebf858cea1562bef1f54b7428
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33213
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97D6
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CgncDi5Q90fgbTPezqi0tk1njXDmoQfa109YjoIks-ZwEUVEFdXBbSl6cZX8dW7jHWTn3uC1xuu17k8DxaY_gx3ocWb4Ziz1fUDgog9k6228m4X60
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 97D6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 15:03:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
33209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 15:03:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 97D6
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
28571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame 97D6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7IuCp5qe1LGLvdx2_QHXAPXI0Ubp6WJW05aByAO5wV-Q6auP7YGlTEamx3LgB4pp8c-WIZ5o_ZaNGjSs8hmL7o25A8A
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 97D6
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 00:17:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B0B1
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
120258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 14:53:05 GMT
expires
Sat, 25 Nov 2023 14:53:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A6D2
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
GSE /
Resource Hash
fc004a5916548471a7f8e72506f6176aa47886490cae8daa0c26bf99250c9b35
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mwNalM2-u_RA1iy-W4G4_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-mwNalM2-u_RA1iy-W4G4_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:23 GMT
expires
Sun, 27 Nov 2022 00:17:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 11DE
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
120258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 14:53:05 GMT
expires
Sat, 25 Nov 2023 14:53:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FA15
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f99.1e100.net
Software
GSE /
Resource Hash
75c392ae6fbb1f49b5ef9cfdeb490f4f63cb55dd47f800dd4ff5ed9180a45fc1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QBpITaoFx5YKaPdqSW2jRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-QBpITaoFx5YKaPdqSW2jRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:23 GMT
expires
Sun, 27 Nov 2022 00:17:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame A16F
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?y54DIQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 1460
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNX0RMkMtwkmDbJ5Ba8XZbOMmja_qJSkg2Z4lbPIZifVBxabVyF-kYHAGoZ-XrwHoAXB7wV4-qJ7f_VtLMcHPMpd8iL_dQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 1460
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4KslJo57fvSpcYSHxVRTQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNX0RMkMtwkmDbJ5Ba8XZbOMmja_qJSkg2Z4lbPIZifVBxabVyF-kYHAGoZ-XrwHoAXB7wV4-qJ7f_VtLMcHPMpd8iL_dQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1460
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
43 B
1016 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNX0RMkMtwkmDbJ5Ba8XZbOMmja_qJSkg2Z4lbPIZifVBxabVyF-kYHAGoZ-XrwHoAXB7wV4-qJ7f_VtLMcHPMpd8iL_dQ
Protocol
HTTP/1.1
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:23 GMT
AN-X-Request-Uuid
e6b00a1c-b54a-4d7d-b36d-f08137c7442f
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1460
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICELGQ6u0CGOeI-9UBMAE&v=APEucNX0RMkMtwkmDbJ5Ba8XZbOMmja_qJSkg2Z4lbPIZifVBxabVyF-kYHAGoZ-XrwHoAXB7wV4-qJ7f_VtLMcHPMpd8iL_dQ
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:23 GMT
AN-X-Request-Uuid
10e01a28-6058-4ca0-9c27-6d3191d9db0e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 814B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIzeRBCm8U8YlImP2gEwAQ&v=APEucNUW4VDXYSSky7--orhyhW6Qs4DR3rPrbnOugeex2icBKyocPireEY-slXsshvStNvdsYaLy34iLJTkB1r6UnBMV_QM0Jw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 814B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4KslJo57fvSpcYSHxVRTQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIzeRBCm8U8YlImP2gEwAQ&v=APEucNUW4VDXYSSky7--orhyhW6Qs4DR3rPrbnOugeex2icBKyocPireEY-slXsshvStNvdsYaLy34iLJTkB1r6UnBMV_QM0Jw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 814B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
43 B
1016 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIzeRBCm8U8YlImP2gEwAQ&v=APEucNUW4VDXYSSky7--orhyhW6Qs4DR3rPrbnOugeex2icBKyocPireEY-slXsshvStNvdsYaLy34iLJTkB1r6UnBMV_QM0Jw
Protocol
HTTP/1.1
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:24 GMT
AN-X-Request-Uuid
2e0b2b8c-464b-42e8-bd06-4bfcc77a6d2c
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 814B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIzeRBCm8U8YlImP2gEwAQ&v=APEucNUW4VDXYSSky7--orhyhW6Qs4DR3rPrbnOugeex2icBKyocPireEY-slXsshvStNvdsYaLy34iLJTkB1r6UnBMV_QM0Jw
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:23 GMT
AN-X-Request-Uuid
e9fbfba1-2723-4b85-8fc1-d550a163a8aa
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E9EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGIbTltoBMAE&v=APEucNVNL6xJwzOm4J49-zCx9j4YLwnAr5exbPLk9hzmNQh720f03nuMJIz9CH-Y0ev0qJLMcLVtztaVHoryOfJaGR80ISgTTw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame E9EE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4KslBanxDG98KxwJHjnKQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGIbTltoBMAE&v=APEucNVNL6xJwzOm4J49-zCx9j4YLwnAr5exbPLk9hzmNQh720f03nuMJIz9CH-Y0ev0qJLMcLVtztaVHoryOfJaGR80ISgTTw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhwzb7hze_CDMRTILM8Aa8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E9EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
43 B
1016 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGIbTltoBMAE&v=APEucNVNL6xJwzOm4J49-zCx9j4YLwnAr5exbPLk9hzmNQh720f03nuMJIz9CH-Y0ev0qJLMcLVtztaVHoryOfJaGR80ISgTTw
Protocol
HTTP/1.1
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:24 GMT
AN-X-Request-Uuid
9593c367-2296-4d82-8608-fdeb07b5c2d8
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPEJpc56QolU-uP7jI6sKeY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9EE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGIbTltoBMAE&v=APEucNVNL6xJwzOm4J49-zCx9j4YLwnAr5exbPLk9hzmNQh720f03nuMJIz9CH-Y0ev0qJLMcLVtztaVHoryOfJaGR80ISgTTw
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:23 GMT
AN-X-Request-Uuid
cc1d1c06-1c41-4ea9-a7e7-4045a4d59f12
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAyODU5ODU1Mzk5MzU4Nzg5Mw%3D%3D
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6182
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bw84vlMq67cdsDN4boZUHXbq0LZGSoelHl2tJEtAx3HyuV1O1ENpad3PPGDJvdc1UmlV5ZX4eJvhqah1ZmpPLacoR33iERsFglqfyHX2u3ut9hMfg7iaPfReYftn4L4VraObEI00UT-g1QhnHvX93rLL1BTE71brJ0o5gUHLN2L-O7c3U&cry=1&dbm_d=AKAmf-CCJtM5b0Skx_76r3xHIiFiqy32xUDDHjmtK11mlx0hY_xBGkdvDVMTTl2PhhrZT8GyzCq-351IMxjHOueUPyhsbnuBhtFZ3jyRJCPunBIEHw92h8yTMKX8WImyJCFuSQQ50VcEjBOdqXPeRtXk0x-Yka1IwTBdygINOzYnL_b2vb-8Rafhlym9QztOOyByYrqLxQ31kPeD1pGqvniUntzyhtirF2rxbYvp9ExAXUJl0L26KlAQxw--MhM7sJ9sS6qqZ7ipxYhfbIL5Keha1SpHs4cemtJxA73FwMBSUwEPJbDdSMVA3NlKl1X0UODCgD6J9kQ0LIT6RTIRbB1k16NJfjp8wWQ-SqaHQwXlkk5-dtj8B8sqK4LVN5pU40woLEI051ZPhskBIq2OqhXh7pMUMeM3rB5WnrP_9-VryZul2RACRcxIJ8RtY5Gx_0MUbYTNimqOGp6yZoZKcChZCGf4FPWxrygdNITUA1LgpbLG2H_vTn4kKV1pImWtxomVKzAkjNjGdpdsLw6idQE2x_vcSVHfKfAUKPyBnS9LAXVuiXVpzoGNP9N1oVeyyQEXMJZJS6AA9ysiA7E40HK3xyqDOHA4iqa9yxmSg-Wod4_hOstDfcN7RSR1kND75lbA7dvpLILU6porf3EZf1Uaci6_Ut7WNBoQcqyj-EwNcRsVSqsVaSCbluMy-TzCYGkWEXH6UBpExHVC57mZdenjKEnG6YQIntEsQ_KxnCuH4BIR4lcw_V6DvaIYaqHMqKr6xkH-ooUomyVVBv8UvvWs0eL06HoJZHAI0Pqml7iRq-tZp8UhEo23dzVvMm93fZSXc18oi3DvxEvQy2b2jCwHMIfpLCXozmbx7zoka1PxETkxDl8C77EKC5Cwg2-jm28tBFE6JOeNN1zkw4afDjBkeCSFv08iYsgjc5YNurLM_Xfn108HviqLM7aECUFD1QLc30y4N1OCA5Nl_UVBMHhWuFOwEbHkB8KIlp7YM5ZBw-izRsmUe8PHg8SPLgZrQtzlWmXSErieCgJbVsDjfS-l8yfMFaiympoyVbSJOG04blScivJW1y4K3cU5AG9dJjvSB1H8ZygEflEy68kBfSzlVGF95wAAt_dHYr3lV4tMwFaQyncs6204Dh7-TyRfyAEhc2pH93p9BJFnZ3uqQk9DnG1wNZp3a7xaYe2PSEikE8WcRJyhE-4n1uHkulIKGmTyXVwRTuQLK6VJNncDQGV2CdBl5Q4zBknG0V1UkqDhvsUVzDJO5Ek6ezGD4T2YnVmrkyIRLNdBlBOF1sqWcOEKjAMFVMyk-vq3hDEFS6cR4U7bzNxxzlEH0zct-pJvR-e_R3mwXhBwFpLc8eGtnIlVU0KJshVENWNsL95heDSrJEmRsfeKvC6Z59IFK2T6h5S7-bZLUuWY5hXWo1PNtUQf1vjNglnruOUDEL1oCl6IL-lIB3Xs5o1ZKZ-Soos0H_LUzgEiO77bOoTlzDNhXY2xrh4TlwWga7PE-jBvN-ACVnUUCT-YoHE51oMiKhd4Ff4ZtUDRvtEP7oxIIG0ACq3BHoY74IHObWFcomUlKQI_MHjjseR8AjRJcUX80h_COf5UiH5lW-PyfkoCRn91EUExGKRi2X0363gJ4TwaCULMSeRCMcLgCfqG_IrP2J_cmWsMu-OgfThlgQDeamVX2QPhrkR30uhlh5dnZVmYXPyJmHL5Febtkmg9cDt4uPxrReJ2UYfKxiUV7vJORmSCfL32HAwv_MyoQISI9IULb4MIQMljrktOwswcqS2BssxyQRWC44RdN8b6HKuwasaxypfTNC9ZdrmY8ihXgn9cjLyivwqRqkgQEFB652X-BbVqNsJIdnbcILJHYSac-ilA7rEfbZmyhKm5yaq1iX0zinwnh3KMGoBFeZTs2qdVkhja79bRj-AHKux7tadIkiJ2EnCbgoNoV2TRxNt45Hd136dR-YxbxqbTky7e-meLAbMOITcf5vs4xTotJYkKjFo0sgw2rp-7Fg-jHPtTen0XU127shcQvB3I_O3X93M6iRtoj3tvkM8dqoAXAOdtCYsgtz1LCNqJZZRqGvs96QuRLwG0pKHzLYfUC93SBbZerOUd6KY3aewl-27nDqZC0VSTm-lahJ0QzeDSaW4gY7U_1kqZqhxJ2-NLf9QAvtmcOOxMF1v9xvALNBBf28EjCIKBHZBO91HqDQFzjwbRZR1e_RfySh1-nHubeaHlmVba_nb0yjOu-HmnLv0GoNDA8bwksDgaCRyg9sjubvj-goXvInVKMIVArqGd6_jsRhWIWFpa_OxWCDNvwbxuA0MUllqoKPTPLcmavkc32Doj3pAjvcq-dX4SUtmzrvjCLYWl6_baNz7a3KxCT7fL-IVUBESxdvAsJCv-6spanbzcvXqoTOozC3WCz4DsvrTwMpP9CgK3aaRhcb3ddeTko3zLRcBr_39bw_Q7FlYi1yzDy1VrffIbeyAHWsEBKOUEbvB8XmcPiWTxngUJEyraIB_QFV4dnmZnpaJ2BHkPCxe2GQVczBo7RwkH3I7iXI0xNF3HKCB9uu52Qsc5YqMK6546X2urJjf-k4qIbra36B3wvjv2WZepyZHQBx4Al8Q2Xf0NlLmS4WO1nx97Sa6MOoSHZAiA9kknvRH7jdQAuvDVPAqmfDnbgeuI2KLP8Sn1m6tgkW4CwDD7_-3BTMXy27l3_aFVkwfLinuPDeSt5Qys14Ym71g6dVdguUawyIkzeT_0VkAxaCKDNQqMZBN_2Pehy2u8j8S9NMHFhreaqSQIUeTgzyq79C9yEpEooRv7291Voqy85fB86i0jSWevAU8nzb5z90TQXi6h1qAWnlmu9MD2XJwkOj2YxM8aRRoeUxctOMUazVLF23lYIGpwmLE5WQAm3iCL2h0XmvF9LTQTRbuPStIp5-z6zwD8QJ73j9H3u82jFYIqs6cvU2RTi2qcxC0pzjwF848-NNSGotn2AfoqlmLB2AAKUZA86RDhJh6ct6rrIoTojJLor9hGcbAXoRObAcNfm6uYIJz7rg0Gu0YT-TWFGO7X2TCpLxjrpZqDfm3Xhrz0uHw-pFEluybZHsoKE2J73OdXwPxLtHx3sDtRMIlnJ_2bd1w_59oVXsurvboXm9qbNC_KZ1MI5HlhBdNbNs2WUR5Zp0vEOzuis71KaEkh6QiSMVdh39WkDowRKez8E0fKxj13ZXUBHXqlas1YbeJ1MupCOzobxiAQDYy1QX7w2h0OKt4tp71qEFRPuyNDQuSgn5AxLJhdK3QHb5HGN1MngpJjLt2xTRBjOKByy8T59Lg6rL7NctcavLdwh_4czlUu_bG19KbX5XUcbZfPey8q7iNuPhbO7o1_TAGWdADsoTyALbbFR9JRhD09E9C4LdisBnmVqrtwRLuohvgk_yWEPTISuoGOYk5eTcV8utNKFe6c8pInbJF4tLdUNnj4yQtNnU2xNbEWj_Jqx_MlCetC4en76IiG73lldjJyCxhJZ9iWrfnSrQbMnRqPT-oyNtMYNFjC5amixnEX0NPhYlmOZi5YZ1cEIfVXKGBaFBIW8a4X_mKV4D-21mfx3rBf6msia4WelTWE2zesFDtHbEK2YanyESFCMRHKRAT7SX-b1dEL1blyO4A&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:07:48 GMT
frm
www.adtrek.co/adserver/ Frame F2BD
16 KB
16 KB
Document
General
Full URL
https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCEy9ckayCY-THONCavQSa9rKwDdKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKqlijH2_WkPqgDAaoE7gFP0NAGsffWgUgIjFgPbdpxz_yNvnYmqO5Hz3Yokpd1P3_qe7eBNz4Mq2tbotg2z1sgeeUnugm1YZLcgFXNyQy9JjTb5QQV-xug5AkEde0v3vE9ungVlFlsbowaMWkr_zeNJE4zS7HKaQ23b7-P6PFLphAE9KtDqKlq-ssK6khGcdsPvpRXciGsB8tbC-mRFEyLi-CjR2I3tSXW4Ajek7-zCYwP1d_dyxwHLTyEY9-6ZXYzCO2XgLAd2MBvjP1uO47dt-2BAASjIkfQCp2HMf0DoQUwSi2X0JVZuBKN3Jq2q_7U3Ne2LANpTiAUBA65wATN78nshgTgBAOQBgGgBk2AB7j91OwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT2-nxEMgTt4yk4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw%26sig%3DAOD64_1aiBbSRAyggsJyvx2IZyxq334Avw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AElV9YGv8kHlif74yCOcwRkTSIs7qkSZJjbwmrm8Wrfxqi4-n9_PlTY3_XnBpsOQDpwozIB8nQTS6HBorQabr2Sfot9D9BE0WAISr-pkd71aDaoYm25MWTnZlq1Jm1-Jl-BV83tgQPljgmyE_rszhY6Rfp02I7dVY0T3RquA2spw5SfIQ%26cry%3D1%26dbm_d%3DAKAmf-C3OQYz_P6yRZFSWsbBGXqV_E9Tcmq2-_FUyh21wq73O2n52RqWB3-pocqftHOxh7WfIPSWbjD07cHJOdntE9DEmNQYkOGpSe32Pn8KxaujUbcKgNAEZegZHBlt-RAbwFdNyCRSqcgaL2MgAUVl22vN80BPg5Jfr8XiiQrauFriuchvjpkv0Y31dufVklMK14dbzw4NQg9gOJucvynfh8bVY5GyAdie11B3BWcBaHX12oP03Wz8a8hYoIdThU6GY0U6G6gLjGzX54hfT3YLpUHblSER7-vDYvUqWXz47W12jXbwj2RjYvpt_GtKfb2cimqB3iLLuAmhDabczx0RH4J5wm0_Z-yLD6RYpX8O7bLlBkhOWmN0nBpbC4jH6z0cq_y0sXUtKcj318bS26V1PMcUWG5BvEZ42iyAOtzgons5lWD7ST7VecFHFSyx4_Ul_1EaVYO5NlaR46lawiWs6MLtIBXJNuTQrAQgkECopB6_PTMMWQnAGAHK6r6v9IwdoNZKz3YVcC1mWTBBJBDygeGkx71pG4TS8oNVfSzLYbsmKvdfq_7ZFsn4vd68vnZUJCenbjvpg5AljkAj8DurHXNXLwX_gXL9-u0Yy6a7fzbVFkvvWvIJIHj7kE2plrmhWOTPCJDxqEQAWpSbF_MtfbWmuQOnxSf9P0nDBaoFJ133pk7je-s%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1669508241926692
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.150.39 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-150-39.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3391b1408e32d7885e15a2066477358b90842435c829ad7c2cf059c35b6bbfd6

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
16075
Content-Type
text/html; charset=utf-8
Date
Sun, 27 Nov 2022 00:17:21 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 44BE
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
71302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 04:29:01 GMT
etag
48472445140208031
expires
Sun, 27 Nov 2022 04:29:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6182
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
061fa2bc31c5c7095afb6db1da7aaa79ec69951abb0865c37c94e26be87275c2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame A6D2
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=663942046339342&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame B0B1
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 23:01:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FA15
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=506911142357986&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 11DE
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 23:01:25 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 44BE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1&google_push=ASkJ3FamkYe8VwGy-SGB0ZNPTrVrqZfWBs2icaHleofPTQkGvqbPiS2xPbnpXRsW-7kbORan0QEsJHgPfH5tzs6iWxwebbVY7-w33...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE1MzA5MzQ1NDMzMzE2MjE3Mw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 44BE
35 B
362 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMxjY1bPZj3Hh1on1Mk1Hx4&google_cver=1&google_push=ASkJ3FYrvd8_HJIA1x9nM-yHh99CeuuW8JGIUNy-pHiohdTLF0d2LOeeVQVNEWO-8tDVKPIMfKaQa6mSLOKVAqDA-m-qMiUFkZeM9ubH0LahYerTerfQCQSLMGBLHl7OoZq0zK5YEmXJduz8
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 44BE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECtYGHc_6IHYsI20YiLFk60&google_cver=1&google_push=ASkJ3FZE_KbvQO6wysoTM4N1E3ZoT82s2zTAt2QOyp7aVazkpXckg21yehQ8h8sgfe69KDXc1THCjer8dGhEhx24...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=iIdjgqySQwCpW-i_Dm46mw&google_push=ASkJ3FZE_KbvQO6wysoTM4N1E3ZoT82s2zTAt2QOyp7aVazkpXckg21yehQ8h8sgfe69KDXc1THCjer8dGhEhx24oW__kUbA...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=iIdjgqySQwCpW-i_Dm46mw&google_push=ASkJ3FZE_KbvQO6wysoTM4N1E3ZoT82s2zTAt2QOyp7aVazkpXckg21yehQ8h8sgfe69KDXc1THCjer8dGhEhx24oW__kUbABr5LUEfs4DzthSxs3GDCo3EC_k-mijN3gdsbpiytiUWX-BuC
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 27 Nov 2022 00:17:23 GMT
Server
MT3 169 32252b7 master hkg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=iIdjgqySQwCpW-i_Dm46mw&google_push=ASkJ3FZE_KbvQO6wysoTM4N1E3ZoT82s2zTAt2QOyp7aVazkpXckg21yehQ8h8sgfe69KDXc1THCjer8dGhEhx24oW__kUbABr5LUEfs4DzthSxs3GDCo3EC_k-mijN3gdsbpiytiUWX-BuC
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 27 Nov 2022 00:17:22 GMT
i.match
s.tribalfusion.com/z/ Frame 44BE
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEC9n_7K2DO3DRZAbzjuUToo&google_cver=1&google_push=ASkJ3FbzT7m712KewbWA7R-4Dma5S2AJw08wWMszrl3Eh20Lw9ZVp6rLF8_3bnLUmUkTY_8oHoB3wuR7yL4yE2Bo0eCCgGLp7HzUR...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC9n_7K2DO3DRZAbzjuUToo&google_cver=1&google_push=ASkJ3FbzT7m712KewbWA7R-4Dma5S2AJw08wWMszrl3Eh20Lw9ZVp6rLF8_3bnLUmUkTY_8oHoB3wuR7yL4yE2Bo0eCCgGLp7Hz...
43 B
425 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC9n_7K2DO3DRZAbzjuUToo&google_cver=1&google_push=ASkJ3FbzT7m712KewbWA7R-4Dma5S2AJw08wWMszrl3Eh20Lw9ZVp6rLF8_3bnLUmUkTY_8oHoB3wuR7yL4yE2Bo0eCCgGLp7HzURK7QiwD4vCO8NxIuLlSekSz5pcnAIUoZd5M2ds8N5qY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FbzT7m712KewbWA7R-4Dma5S2AJw08wWMszrl3Eh20Lw9ZVp6rLF8_3bnLUmUkTY_8oHoB3wuR7yL4yE2Bo0eCCgGLp7HzURK7QiwD4vCO8NxIuLlSekSz5pcnAIUoZd5M2ds8N5qY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7706ae3e49e41c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
4707
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC9n_7K2DO3DRZAbzjuUToo&google_cver=1&google_push=ASkJ3FbzT7m712KewbWA7R-4Dma5S2AJw08wWMszrl3Eh20Lw9ZVp6rLF8_3bnLUmUkTY_8oHoB3wuR7yL4yE2Bo0eCCgGLp7HzURK7QiwD4vCO8NxIuLlSekSz5pcnAIUoZd5M2ds8N5qY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FbzT7m712KewbWA7R-4Dma5S2AJw08wWMszrl3Eh20Lw9ZVp6rLF8_3bnLUmUkTY_8oHoB3wuR7yL4yE2Bo0eCCgGLp7HzURK7QiwD4vCO8NxIuLlSekSz5pcnAIUoZd5M2ds8N5qY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7706ae3c885b1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 44BE
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEB7TxgM6e_zilxjcmi7UpLg&google_cver=1&google_push=ASkJ3FZXs903WV-aLQ5WFlTz89bXJNxl68129cRgcvS2abaRaFz4eKSvQhFovF5040i6BJ-ls9akukC...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FZXs903WV-aLQ5WFlTz89bXJNxl68129cRgcvS2abaRaFz4eKSvQhFovF5040i6BJ-ls9akukCnbw5BlAtGL51oJkVGzy1nRut6qsVIHxuoIFcLVsL6YYwcpThO...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FZXs903WV-aLQ5WFlTz89bXJNxl68129cRgcvS2abaRaFz4eKSvQhFovF5040i6BJ-ls9akukCnbw5BlAtGL51oJkVGzy1nRut6qsVIHxuoIFcLVsL6YYwcpThOBYWT5d29pMP-hGc&google_hm=3mLovL-3QSqP9jWXgFr0OdA
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FZXs903WV-aLQ5WFlTz89bXJNxl68129cRgcvS2abaRaFz4eKSvQhFovF5040i6BJ-ls9akukCnbw5BlAtGL51oJkVGzy1nRut6qsVIHxuoIFcLVsL6YYwcpThOBYWT5d29pMP-hGc&google_hm=3mLovL-3QSqP9jWXgFr0OdA
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 44BE
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEInWfTGwXEmipSHJKZ3gwV8&google_cver=1&google_push=ASkJ3FbfMUpu2D0RL8_vRGMmeB7zBMNlZwSxar0DAnna-xj0HQ9fix8DV1UnZQVSkFHsGf-9V-J2nRzQ-EOUM5...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FbfMUpu2D0RL8_vRGMmeB7zBMNlZwSxar0DAnna-xj0HQ9fix8DV1UnZQVSkFHsGf-9V-J2nRzQ-EOUM5Dv1q9NhOd5k8kv5jkCRfRP4FoYbo18vZRAy_1u4s5K...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FbfMUpu2D0RL8_vRGMmeB7zBMNlZwSxar0DAnna-xj0HQ9fix8DV1UnZQVSkFHsGf-9V-J2nRzQ-EOUM5Dv1q9NhOd5k8kv5jkCRfRP4FoYbo18vZRAy_1u4s5KjllH2WA59lQDOUxP&google_hm=hmOCrJFvqI6kCRGi8g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6382AC916FA88EA40911A2F2BLIS
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FbfMUpu2D0RL8_vRGMmeB7zBMNlZwSxar0DAnna-xj0HQ9fix8DV1UnZQVSkFHsGf-9V-J2nRzQ-EOUM5Dv1q9NhOd5k8kv5jkCRfRP4FoYbo18vZRAy_1u4s5KjllH2WA59lQDOUxP&google_hm=hmOCrJFvqI6kCRGi8g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6382AC916FA88EA40911A2F2BLIS
date
Sun, 27 Nov 2022 00:17:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 44BE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN1hL2FgaCQYh9ralHjbiRY&google_cver=1&google_push=ASkJ3FaykTM6Pc0lk6_jIqK0WOVPhxnnlBpTsVizUFJOQPG_heJY3cb1YyxT3KJfYx61Xoe_B5EW2Qsa...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FaykTM6Pc0lk6_jIqK0WOVPhxnnlBpTsVizUFJOQPG_heJY3cb1YyxT3KJfYx61Xoe_B5EW2Q...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FaykTM6Pc0lk6_jIqK0WOVPhxnnlBpTsVizUFJOQPG_heJY3cb1YyxT3KJfYx61Xoe_B5EW2QsaUTnIQTzifhJvVNybSbSRTOqrD-G_4i5Hq7mXkO-QUCtqar4yU3PvsyLNpkFO90U
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FaykTM6Pc0lk6_jIqK0WOVPhxnnlBpTsVizUFJOQPG_heJY3cb1YyxT3KJfYx61Xoe_B5EW2QsaUTnIQTzifhJvVNybSbSRTOqrD-G_4i5Hq7mXkO-QUCtqar4yU3PvsyLNpkFO90U
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 44BE
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0mZdwFWv2WsEX5Y7cEy7afejKh8Xzco2kvaVsLGDgQePd7Jy7YLfP3wnbubzwfOkY_CJd
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1334
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
347836
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 23:40:07 GMT
expires
Wed, 22 Nov 2023 23:40:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 97D6
29 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkhyY-mcMgx7ZPX80yMe5PxmYhnXiQWV8BfI4wgZlyPp8nfXsAGvZJ4KSSUwa6VXJ5IVwSOy-jC1MN0ABCnZnmpHJ7jA&cry=1&dbm_d=AKAmf-CzBnNE_KnGJIRW5A58SBSPM0r8t7tPLNlW6dY1GwJXcsqKDAgnztWC198JaY80ZtnbwaEYdFqFu0s6XSy1k-eE9ZbgeZrJeVQwdMyN-lK8d7oVMDEJQfP19b2qw-NcLWFenCijaTm5DPGQBzETWSi3SETMv7sQKv2eUJ4DeybzOtGJNcfREG120V_G6TKa5IKx2hJFivaK1BLRp11-LjYBK7gL3vTUjVtnT5r0oceT39MLhoaBGJrL3PerGKeJF8rxaGBUjGl-oLKA-hGxmHp4rINZ2zWKtzA9PETjiRRhAv4OqYYVr83Kk6LlZFcaAGx2as9ovLKwZzKkTXZNEG8BmuSoVejvi_kyzSi_lc_DNvxVWJ2mpvhEuViV_ZPcFhW9QNLVVsVCvl3VxX0HS6Cn9q0msYeBUNA-3Z8DXVM5eCtZDArJgc1jAGnGdk2QGOPx9Ca_Hf31Fw2NzTYRHG_M75I98Ppf0rm97MTPMWm5KzNSzT7HpFxqfTnjUGoVae7USAwST9VOJldFj1Z_3toudb-JVn7u7Q5YhNOasfCmGd4W5MxbJ08MHJkJtUVMH1w7FAzCfAo87LgF0ZfG-yDHmKIFHSwDMEAz_4ztKig2Cqm4A0avbdPdmD9c3fy3wat047xOZ2Er6jMePhSH3h5KsT33-wHINBzFuQLqTL4ZkNmOoLDCumGgq-wmUeb5F0d6rRdgIX7lScE6Eg933hGHdTOSELBDllQfSS6ahIKLObv_gfmRmbNRfJrBbtTSDisTwmwUF4j0hGNpPzzy6K-LZr1YZ_xOLmSJzIl93kQZcXxM6IXS__hZU7cocxsouM6N4KEmP9My_6lokG52uF1m9eMmaCqLAwy2Zjmp9VsClGU0XjTGPjTkSdG8r95nTOATQC3XcrxpjmbAhtthhiwLPb7BhjaxkO_QZ-lnvpjZ3B6ki7wiFvjMEeEznsAW6Y3-xdEPpoio4sFlHDJDnbnV3tCh6V5XevDuvuygK8QqSjXmrSOTDAR78y6-QM8O53illAyoWDCTNL-7bqar6ztU9bMJVFBMoidgQ1GkXfu3RCcDakFhAwN_mQKhzuxa8bHohy1GOcj7bAClOJtmuWM29lHKbNpzxivRlEdBCm7Sz8eqUT0D23QMb8BUQ1k0g6EMx4-UU990m6MrSRGVUaXMCu5TpzFaAXYGcjBD-GnGc9gG9lnKfzoGZrB8Cxr69zhKmEjUbjvaj8o7vyeXKlF-gd7chbVAt1pIu0ScASgdOgmnTsh_-0jWiXZXkaF0MUXom1dyoMGfSsTwD5GG-RoCCKMkcWA7-ycXHQVRp9R7JfG_FH-5FYbBOjHSa9msarxIo-u3kC3gM1dtLu7ZUe3ZEuZZYUVhK5k2KgwSjAb1xREtC4QwTr74yWkcSv3fDwmxYsmrbxlSerHEz1v63YwI8GJ1pspU1Dd7IxYHGkr6Gmfdi6lr0Em2legpzD58rVNwdvseb-PDfndOQTMEVv1pepoVfhTVCF_SIEJaQwF1rHT0COrUCCrxpbc2sek21t9dBZiTzCLACMhN6jTKRdiuiS3bQsXy_w3meKaduqAIphRWGGxiP1BGvGfZUBIXBCtnR8OGUNRkMrrAtE2JLdYxnI_VT6t89PShk0UarOS_CkIgpNN2yQp0C--Ud6GI2U1ve-PFAKwmu8_23dpRa840-PNv4EvdOZpw_GVk3iEU667h0log_wOP4uCHHHBQ5T2h1C9jU155e4KGFelaQHNByRvemerZf-nZh4aIbqCSwWo5iIpa6vOUQa1Ef33VK09b-pfqaQUMmlVM1NneECk3YPeGOkO5ktaKZRcbHDWGobCeMRLXwxNYCf792Ki85QfB-Suucy8NOqUtvocLkOr6mqielIR6Yo8WJY1XgixuvFr61H9SCLLzQLKrhINKAZvsIs7x64HkUyJeSJhkJQXZTpI5WKZxjVNyj5lO8YHfain7HrCnH8DBJIMq5ulimsp5vbbfYlLnYZIPkk9FYbUWeSp1rl5s2uoYNmUKHArUnW0DwTQM38tmrYDKfoCzKKje90TTRfI4TWHXBIShsI4EOJpStCwG1LmdGRXSfK1M9gqZ0pci3Rdh_rRkLkXQ5acPI3N46d_LfTyhp7dy9KyUzyM18VHRrUZtHzemkr5eP7uATGe3KPo8d0shcUYFAa01XyL8mS5JEopAJs_Dl0exQj1nOohv_f0RFlrrNPKxR4pLwtkUKHJa8sdCl12TvAvchUkfk_RbfFQ2wDi_1wnpOi20Q-xUfFmvXvNvn4F1WKC94ll3BGG4RXa8GKs7zwkziddUwnQGM8-eNECGmzQIxs5ny7dFuf-13LolIar0jYvi5goF6_80LQPXU9B5vtyeF6XBSDWVtXq_fXV1jJwrMpZtmkOKUlbDY74HTEQEAfbSZc-jAJgFLr8mNYjVKteXtrWkTl13US0L24FycQTURDs_f0CeSEeCJ02FZhWpxPBFfzaOukG5BKjxSmZ5cxp9XhtJ8hgwo_OKnPjBbifVcBTQbD49x6NjFLUb5kAewoGFDoCVoh2BwUMHKIa1L5ODoSk9s6rwN6wl6TWcrYVVY9mb3n8D58s1GYFJFoZ8UmLc9TAI0WBm2z71cIyw_iq73PejPfuSzYswDg0X5hMds5l5YQCXKCqahZ6NuA0ZUhOZiYvREu3A2b2TCuvp3b8Ndzc2uKCDgwGx4m4OUTUEu9pwip7PIEop5n56ZnW_dk2yk9yfRw4S0ypVlY9Ihx4qOWp_DvrvuNWoa8TMxNFA8m0sNxXLzT5FCo0KBnx6TY0k8Zw_QplTAQgmsoDrqrRQHSLebBYOfMQIQcplAXis119884Hekizny7oCZscHrXm_SDbSN1IcAuXnXvxcUWJeKfwPTSFijLhEeYgl0uJYC9xLIxHj7ujzgNGb4AcG7XAZso1f684T9M-QMs3hAA8_ag2IrLlnvr2hCuOEAD-jlu48arUR4FLlHANC3ULLEYdP0NCqvsAQ6lAFTMPPMDoyUBL3wv4d-nfQu1hrR5EUpMZkHAuzg3pUWyf_5XVBxpn5Nt4DY1aLLX_N_g_LLg12NcvYxxuNSUfWtThBp_NyRMWJ6t62ZBDUIKBA-MHCj94l4DAqy6dTOkr4UMqF7pCjGUtwebV-Jiihn_e8N1B_Zgh__ahO0KGgDtgGWs3SSs_teq4LkbMa_EmLT9hPOSyr8bBkwwO122ZMWgW2irdf0mdgF6Ouohep6D5gPYtcayzD8CFZtIMHNHMLgoN90itr9cIm7jXVlb8p8rwjeLZB0JjKjBZuUhffNfdRh44nuFOhX-iHEAFLI8ilY-XUfKAAj2m2NGqk7JnhDiEigfHIv5jdaG9VGDmCShuPABpUUkHSv75HhBz4YwVocYBhYBMm6pU2&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
29758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 16:01:25 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 97D6
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkhyY-mcMgx7ZPX80yMe5PxmYhnXiQWV8BfI4wgZlyPp8nfXsAGvZJ4KSSUwa6VXJ5IVwSOy-jC1MN0ABCnZnmpHJ7jA&cry=1&dbm_d=AKAmf-CzBnNE_KnGJIRW5A58SBSPM0r8t7tPLNlW6dY1GwJXcsqKDAgnztWC198JaY80ZtnbwaEYdFqFu0s6XSy1k-eE9ZbgeZrJeVQwdMyN-lK8d7oVMDEJQfP19b2qw-NcLWFenCijaTm5DPGQBzETWSi3SETMv7sQKv2eUJ4DeybzOtGJNcfREG120V_G6TKa5IKx2hJFivaK1BLRp11-LjYBK7gL3vTUjVtnT5r0oceT39MLhoaBGJrL3PerGKeJF8rxaGBUjGl-oLKA-hGxmHp4rINZ2zWKtzA9PETjiRRhAv4OqYYVr83Kk6LlZFcaAGx2as9ovLKwZzKkTXZNEG8BmuSoVejvi_kyzSi_lc_DNvxVWJ2mpvhEuViV_ZPcFhW9QNLVVsVCvl3VxX0HS6Cn9q0msYeBUNA-3Z8DXVM5eCtZDArJgc1jAGnGdk2QGOPx9Ca_Hf31Fw2NzTYRHG_M75I98Ppf0rm97MTPMWm5KzNSzT7HpFxqfTnjUGoVae7USAwST9VOJldFj1Z_3toudb-JVn7u7Q5YhNOasfCmGd4W5MxbJ08MHJkJtUVMH1w7FAzCfAo87LgF0ZfG-yDHmKIFHSwDMEAz_4ztKig2Cqm4A0avbdPdmD9c3fy3wat047xOZ2Er6jMePhSH3h5KsT33-wHINBzFuQLqTL4ZkNmOoLDCumGgq-wmUeb5F0d6rRdgIX7lScE6Eg933hGHdTOSELBDllQfSS6ahIKLObv_gfmRmbNRfJrBbtTSDisTwmwUF4j0hGNpPzzy6K-LZr1YZ_xOLmSJzIl93kQZcXxM6IXS__hZU7cocxsouM6N4KEmP9My_6lokG52uF1m9eMmaCqLAwy2Zjmp9VsClGU0XjTGPjTkSdG8r95nTOATQC3XcrxpjmbAhtthhiwLPb7BhjaxkO_QZ-lnvpjZ3B6ki7wiFvjMEeEznsAW6Y3-xdEPpoio4sFlHDJDnbnV3tCh6V5XevDuvuygK8QqSjXmrSOTDAR78y6-QM8O53illAyoWDCTNL-7bqar6ztU9bMJVFBMoidgQ1GkXfu3RCcDakFhAwN_mQKhzuxa8bHohy1GOcj7bAClOJtmuWM29lHKbNpzxivRlEdBCm7Sz8eqUT0D23QMb8BUQ1k0g6EMx4-UU990m6MrSRGVUaXMCu5TpzFaAXYGcjBD-GnGc9gG9lnKfzoGZrB8Cxr69zhKmEjUbjvaj8o7vyeXKlF-gd7chbVAt1pIu0ScASgdOgmnTsh_-0jWiXZXkaF0MUXom1dyoMGfSsTwD5GG-RoCCKMkcWA7-ycXHQVRp9R7JfG_FH-5FYbBOjHSa9msarxIo-u3kC3gM1dtLu7ZUe3ZEuZZYUVhK5k2KgwSjAb1xREtC4QwTr74yWkcSv3fDwmxYsmrbxlSerHEz1v63YwI8GJ1pspU1Dd7IxYHGkr6Gmfdi6lr0Em2legpzD58rVNwdvseb-PDfndOQTMEVv1pepoVfhTVCF_SIEJaQwF1rHT0COrUCCrxpbc2sek21t9dBZiTzCLACMhN6jTKRdiuiS3bQsXy_w3meKaduqAIphRWGGxiP1BGvGfZUBIXBCtnR8OGUNRkMrrAtE2JLdYxnI_VT6t89PShk0UarOS_CkIgpNN2yQp0C--Ud6GI2U1ve-PFAKwmu8_23dpRa840-PNv4EvdOZpw_GVk3iEU667h0log_wOP4uCHHHBQ5T2h1C9jU155e4KGFelaQHNByRvemerZf-nZh4aIbqCSwWo5iIpa6vOUQa1Ef33VK09b-pfqaQUMmlVM1NneECk3YPeGOkO5ktaKZRcbHDWGobCeMRLXwxNYCf792Ki85QfB-Suucy8NOqUtvocLkOr6mqielIR6Yo8WJY1XgixuvFr61H9SCLLzQLKrhINKAZvsIs7x64HkUyJeSJhkJQXZTpI5WKZxjVNyj5lO8YHfain7HrCnH8DBJIMq5ulimsp5vbbfYlLnYZIPkk9FYbUWeSp1rl5s2uoYNmUKHArUnW0DwTQM38tmrYDKfoCzKKje90TTRfI4TWHXBIShsI4EOJpStCwG1LmdGRXSfK1M9gqZ0pci3Rdh_rRkLkXQ5acPI3N46d_LfTyhp7dy9KyUzyM18VHRrUZtHzemkr5eP7uATGe3KPo8d0shcUYFAa01XyL8mS5JEopAJs_Dl0exQj1nOohv_f0RFlrrNPKxR4pLwtkUKHJa8sdCl12TvAvchUkfk_RbfFQ2wDi_1wnpOi20Q-xUfFmvXvNvn4F1WKC94ll3BGG4RXa8GKs7zwkziddUwnQGM8-eNECGmzQIxs5ny7dFuf-13LolIar0jYvi5goF6_80LQPXU9B5vtyeF6XBSDWVtXq_fXV1jJwrMpZtmkOKUlbDY74HTEQEAfbSZc-jAJgFLr8mNYjVKteXtrWkTl13US0L24FycQTURDs_f0CeSEeCJ02FZhWpxPBFfzaOukG5BKjxSmZ5cxp9XhtJ8hgwo_OKnPjBbifVcBTQbD49x6NjFLUb5kAewoGFDoCVoh2BwUMHKIa1L5ODoSk9s6rwN6wl6TWcrYVVY9mb3n8D58s1GYFJFoZ8UmLc9TAI0WBm2z71cIyw_iq73PejPfuSzYswDg0X5hMds5l5YQCXKCqahZ6NuA0ZUhOZiYvREu3A2b2TCuvp3b8Ndzc2uKCDgwGx4m4OUTUEu9pwip7PIEop5n56ZnW_dk2yk9yfRw4S0ypVlY9Ihx4qOWp_DvrvuNWoa8TMxNFA8m0sNxXLzT5FCo0KBnx6TY0k8Zw_QplTAQgmsoDrqrRQHSLebBYOfMQIQcplAXis119884Hekizny7oCZscHrXm_SDbSN1IcAuXnXvxcUWJeKfwPTSFijLhEeYgl0uJYC9xLIxHj7ujzgNGb4AcG7XAZso1f684T9M-QMs3hAA8_ag2IrLlnvr2hCuOEAD-jlu48arUR4FLlHANC3ULLEYdP0NCqvsAQ6lAFTMPPMDoyUBL3wv4d-nfQu1hrR5EUpMZkHAuzg3pUWyf_5XVBxpn5Nt4DY1aLLX_N_g_LLg12NcvYxxuNSUfWtThBp_NyRMWJ6t62ZBDUIKBA-MHCj94l4DAqy6dTOkr4UMqF7pCjGUtwebV-Jiihn_e8N1B_Zgh__ahO0KGgDtgGWs3SSs_teq4LkbMa_EmLT9hPOSyr8bBkwwO122ZMWgW2irdf0mdgF6Ouohep6D5gPYtcayzD8CFZtIMHNHMLgoN90itr9cIm7jXVlb8p8rwjeLZB0JjKjBZuUhffNfdRh44nuFOhX-iHEAFLI8ilY-XUfKAAj2m2NGqk7JnhDiEigfHIv5jdaG9VGDmCShuPABpUUkHSv75HhBz4YwVocYBhYBMm6pU2&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 04:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
70472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 04:42:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 97D6
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthkcisQD1DtUVSj4LI4F7KvxSqX5Tzv33LHlfeqthoQaSJgbbPgYRF3s_TY4mPgseJeZw5vnJKwJoEQjN9AUU9qERiwGVOVUVZK7krYgeq3YfWESz4njz4xBGIKcEEpEa5qKNjDx-zmsmCdnbg6hMg-wEpV4h0ISGaeyIGP5lDb1aCqI_SEiGK5KSmAc3fG3-PvnFI5FGNsPowXeEeZumGSBj00vSDvukJ8SNGxtDYlKMPDTUBfw-hg4DgBEY58PNv7n5klxcVNqsaNiThFpcL4Yno7MflEsfyJ0uwT0MWg6mLs99w5iH9d7RjreMUUyiPiBf0BMI4B_nu7w-pxn5xqDvmx1GfENrAPt3dAHSDindPfen8BpUenmS1XnvDFXbZc8TdY6wnGezcaPG3wu-FIbsUeLQ3Z1_OHNGlxBoYL6CijfGCrbgqkYZLiVTt3lgaje44HjIGoC7eTWhepN5XYcF3gpWjlsGrQlF94WoITcAbpDdAhUN03zqhAp5_EScv6W2zGFoEGvWpgIgcrCC544Bi9guNvlbxjG0mMPWVk7a6dsx4-9hkCShbQVRK3VHm4-3mNd6PhBZRplQBr7J1AVkGqIA1ip34ODsVnf01NlQQ_gU6yE-1AN7yBk7PwVpN5-gTTob8tj6c5EBbI83KHDL7_gCDawbQj_J_pgSAsYOH8aiuA95reWeJqQ1ahGSlv_ZhUlVYpcd_vSEEBWZDzHjS-YzlMVXpGRU3j8U5WOjDP473qRd49PSTk0afP3WSjwHDrOZWPzMSEEUWVVj4SmyZiGvo_DkqfpwM7bXy7Vb9HkPnO36Tzxz0L1aSLa_kSo1U7t8qNYeWJEXBGT6-6HizErN0UjpbGnKcGAIl_U11eprOf-YdZLBAohpSIDGUAvEL7aAAdES6wxeh29aK0dxzNZGYoNlnBgKe1ibZTDjrDlHMdZuAlNhxSeG75H8VgO14eKUsOtj1Z8UJOYx_E9W4WlyWEPT-9_L6sO8r2Bo7oa8K2I4AoNHNhI1zWDw4wsbzSbb17bAlvUmhjRrCdzrnQfQJhSNe2Uc8kljbOrdpbq8cUCWA-E6Kh76qMEjD7Bz4mHkkue5mzzpBWlTffvGME_j6MjxNgPWGfXAt2b0V8l6ZR9piOIOsbHsqrH3gnKrRbqpIXfM1pA7ItGe6yZVn0xCQkM1hnRcR2c35IiA2cxVWiojVOmXzJkOjQNgvM3esW-B_2bOaWefUEzrNuiHzuOajAIX_A1BuwV7EOPiQ95_z8aZzfFQ-&sai=AMfl-YTyXRxWWuD5LdD9NmN7IiDv6rw7z08xjIAPVKr1OEC-HGxWYXqtjRvwRcqhGQrY01aUByYK5U8Y8DgR0xYLmsUo-bByfszrGHxypN4JHoLSzOGdd8qcwSU0saXOqU5UY1nW_HPyLofNAS25a9CnbeKm5Jb-8I3IemqSeHfx_dmHW99u6mCZVBEeWxpzo-brCF3h5tshv0ChMMVekmc_zhSuojJikiKAv-rwysHKuMQL9gfKckTgE5rUz3hiMkd6vrFtLXnbinQ&sig=Cg0ArKJSzLpEi2WqtZqIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.08734&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkhyY-mcMgx7ZPX80yMe5PxmYhnXiQWV8BfI4wgZlyPp8nfXsAGvZJ4KSSUwa6VXJ5IVwSOy-jC1MN0ABCnZnmpHJ7jA&cry=1&dbm_d=AKAmf-CzBnNE_KnGJIRW5A58SBSPM0r8t7tPLNlW6dY1GwJXcsqKDAgnztWC198JaY80ZtnbwaEYdFqFu0s6XSy1k-eE9ZbgeZrJeVQwdMyN-lK8d7oVMDEJQfP19b2qw-NcLWFenCijaTm5DPGQBzETWSi3SETMv7sQKv2eUJ4DeybzOtGJNcfREG120V_G6TKa5IKx2hJFivaK1BLRp11-LjYBK7gL3vTUjVtnT5r0oceT39MLhoaBGJrL3PerGKeJF8rxaGBUjGl-oLKA-hGxmHp4rINZ2zWKtzA9PETjiRRhAv4OqYYVr83Kk6LlZFcaAGx2as9ovLKwZzKkTXZNEG8BmuSoVejvi_kyzSi_lc_DNvxVWJ2mpvhEuViV_ZPcFhW9QNLVVsVCvl3VxX0HS6Cn9q0msYeBUNA-3Z8DXVM5eCtZDArJgc1jAGnGdk2QGOPx9Ca_Hf31Fw2NzTYRHG_M75I98Ppf0rm97MTPMWm5KzNSzT7HpFxqfTnjUGoVae7USAwST9VOJldFj1Z_3toudb-JVn7u7Q5YhNOasfCmGd4W5MxbJ08MHJkJtUVMH1w7FAzCfAo87LgF0ZfG-yDHmKIFHSwDMEAz_4ztKig2Cqm4A0avbdPdmD9c3fy3wat047xOZ2Er6jMePhSH3h5KsT33-wHINBzFuQLqTL4ZkNmOoLDCumGgq-wmUeb5F0d6rRdgIX7lScE6Eg933hGHdTOSELBDllQfSS6ahIKLObv_gfmRmbNRfJrBbtTSDisTwmwUF4j0hGNpPzzy6K-LZr1YZ_xOLmSJzIl93kQZcXxM6IXS__hZU7cocxsouM6N4KEmP9My_6lokG52uF1m9eMmaCqLAwy2Zjmp9VsClGU0XjTGPjTkSdG8r95nTOATQC3XcrxpjmbAhtthhiwLPb7BhjaxkO_QZ-lnvpjZ3B6ki7wiFvjMEeEznsAW6Y3-xdEPpoio4sFlHDJDnbnV3tCh6V5XevDuvuygK8QqSjXmrSOTDAR78y6-QM8O53illAyoWDCTNL-7bqar6ztU9bMJVFBMoidgQ1GkXfu3RCcDakFhAwN_mQKhzuxa8bHohy1GOcj7bAClOJtmuWM29lHKbNpzxivRlEdBCm7Sz8eqUT0D23QMb8BUQ1k0g6EMx4-UU990m6MrSRGVUaXMCu5TpzFaAXYGcjBD-GnGc9gG9lnKfzoGZrB8Cxr69zhKmEjUbjvaj8o7vyeXKlF-gd7chbVAt1pIu0ScASgdOgmnTsh_-0jWiXZXkaF0MUXom1dyoMGfSsTwD5GG-RoCCKMkcWA7-ycXHQVRp9R7JfG_FH-5FYbBOjHSa9msarxIo-u3kC3gM1dtLu7ZUe3ZEuZZYUVhK5k2KgwSjAb1xREtC4QwTr74yWkcSv3fDwmxYsmrbxlSerHEz1v63YwI8GJ1pspU1Dd7IxYHGkr6Gmfdi6lr0Em2legpzD58rVNwdvseb-PDfndOQTMEVv1pepoVfhTVCF_SIEJaQwF1rHT0COrUCCrxpbc2sek21t9dBZiTzCLACMhN6jTKRdiuiS3bQsXy_w3meKaduqAIphRWGGxiP1BGvGfZUBIXBCtnR8OGUNRkMrrAtE2JLdYxnI_VT6t89PShk0UarOS_CkIgpNN2yQp0C--Ud6GI2U1ve-PFAKwmu8_23dpRa840-PNv4EvdOZpw_GVk3iEU667h0log_wOP4uCHHHBQ5T2h1C9jU155e4KGFelaQHNByRvemerZf-nZh4aIbqCSwWo5iIpa6vOUQa1Ef33VK09b-pfqaQUMmlVM1NneECk3YPeGOkO5ktaKZRcbHDWGobCeMRLXwxNYCf792Ki85QfB-Suucy8NOqUtvocLkOr6mqielIR6Yo8WJY1XgixuvFr61H9SCLLzQLKrhINKAZvsIs7x64HkUyJeSJhkJQXZTpI5WKZxjVNyj5lO8YHfain7HrCnH8DBJIMq5ulimsp5vbbfYlLnYZIPkk9FYbUWeSp1rl5s2uoYNmUKHArUnW0DwTQM38tmrYDKfoCzKKje90TTRfI4TWHXBIShsI4EOJpStCwG1LmdGRXSfK1M9gqZ0pci3Rdh_rRkLkXQ5acPI3N46d_LfTyhp7dy9KyUzyM18VHRrUZtHzemkr5eP7uATGe3KPo8d0shcUYFAa01XyL8mS5JEopAJs_Dl0exQj1nOohv_f0RFlrrNPKxR4pLwtkUKHJa8sdCl12TvAvchUkfk_RbfFQ2wDi_1wnpOi20Q-xUfFmvXvNvn4F1WKC94ll3BGG4RXa8GKs7zwkziddUwnQGM8-eNECGmzQIxs5ny7dFuf-13LolIar0jYvi5goF6_80LQPXU9B5vtyeF6XBSDWVtXq_fXV1jJwrMpZtmkOKUlbDY74HTEQEAfbSZc-jAJgFLr8mNYjVKteXtrWkTl13US0L24FycQTURDs_f0CeSEeCJ02FZhWpxPBFfzaOukG5BKjxSmZ5cxp9XhtJ8hgwo_OKnPjBbifVcBTQbD49x6NjFLUb5kAewoGFDoCVoh2BwUMHKIa1L5ODoSk9s6rwN6wl6TWcrYVVY9mb3n8D58s1GYFJFoZ8UmLc9TAI0WBm2z71cIyw_iq73PejPfuSzYswDg0X5hMds5l5YQCXKCqahZ6NuA0ZUhOZiYvREu3A2b2TCuvp3b8Ndzc2uKCDgwGx4m4OUTUEu9pwip7PIEop5n56ZnW_dk2yk9yfRw4S0ypVlY9Ihx4qOWp_DvrvuNWoa8TMxNFA8m0sNxXLzT5FCo0KBnx6TY0k8Zw_QplTAQgmsoDrqrRQHSLebBYOfMQIQcplAXis119884Hekizny7oCZscHrXm_SDbSN1IcAuXnXvxcUWJeKfwPTSFijLhEeYgl0uJYC9xLIxHj7ujzgNGb4AcG7XAZso1f684T9M-QMs3hAA8_ag2IrLlnvr2hCuOEAD-jlu48arUR4FLlHANC3ULLEYdP0NCqvsAQ6lAFTMPPMDoyUBL3wv4d-nfQu1hrR5EUpMZkHAuzg3pUWyf_5XVBxpn5Nt4DY1aLLX_N_g_LLg12NcvYxxuNSUfWtThBp_NyRMWJ6t62ZBDUIKBA-MHCj94l4DAqy6dTOkr4UMqF7pCjGUtwebV-Jiihn_e8N1B_Zgh__ahO0KGgDtgGWs3SSs_teq4LkbMa_EmLT9hPOSyr8bBkwwO122ZMWgW2irdf0mdgF6Ouohep6D5gPYtcayzD8CFZtIMHNHMLgoN90itr9cIm7jXVlb8p8rwjeLZB0JjKjBZuUhffNfdRh44nuFOhX-iHEAFLI8ilY-XUfKAAj2m2NGqk7JnhDiEigfHIv5jdaG9VGDmCShuPABpUUkHSv75HhBz4YwVocYBhYBMm6pU2&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 27 Nov 2022 00:17:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 27 Nov 2022 00:17:24 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 97D6
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkhyY-mcMgx7ZPX80yMe5PxmYhnXiQWV8BfI4wgZlyPp8nfXsAGvZJ4KSSUwa6VXJ5IVwSOy-jC1MN0ABCnZnmpHJ7jA&cry=1&dbm_d=AKAmf-CzBnNE_KnGJIRW5A58SBSPM0r8t7tPLNlW6dY1GwJXcsqKDAgnztWC198JaY80ZtnbwaEYdFqFu0s6XSy1k-eE9ZbgeZrJeVQwdMyN-lK8d7oVMDEJQfP19b2qw-NcLWFenCijaTm5DPGQBzETWSi3SETMv7sQKv2eUJ4DeybzOtGJNcfREG120V_G6TKa5IKx2hJFivaK1BLRp11-LjYBK7gL3vTUjVtnT5r0oceT39MLhoaBGJrL3PerGKeJF8rxaGBUjGl-oLKA-hGxmHp4rINZ2zWKtzA9PETjiRRhAv4OqYYVr83Kk6LlZFcaAGx2as9ovLKwZzKkTXZNEG8BmuSoVejvi_kyzSi_lc_DNvxVWJ2mpvhEuViV_ZPcFhW9QNLVVsVCvl3VxX0HS6Cn9q0msYeBUNA-3Z8DXVM5eCtZDArJgc1jAGnGdk2QGOPx9Ca_Hf31Fw2NzTYRHG_M75I98Ppf0rm97MTPMWm5KzNSzT7HpFxqfTnjUGoVae7USAwST9VOJldFj1Z_3toudb-JVn7u7Q5YhNOasfCmGd4W5MxbJ08MHJkJtUVMH1w7FAzCfAo87LgF0ZfG-yDHmKIFHSwDMEAz_4ztKig2Cqm4A0avbdPdmD9c3fy3wat047xOZ2Er6jMePhSH3h5KsT33-wHINBzFuQLqTL4ZkNmOoLDCumGgq-wmUeb5F0d6rRdgIX7lScE6Eg933hGHdTOSELBDllQfSS6ahIKLObv_gfmRmbNRfJrBbtTSDisTwmwUF4j0hGNpPzzy6K-LZr1YZ_xOLmSJzIl93kQZcXxM6IXS__hZU7cocxsouM6N4KEmP9My_6lokG52uF1m9eMmaCqLAwy2Zjmp9VsClGU0XjTGPjTkSdG8r95nTOATQC3XcrxpjmbAhtthhiwLPb7BhjaxkO_QZ-lnvpjZ3B6ki7wiFvjMEeEznsAW6Y3-xdEPpoio4sFlHDJDnbnV3tCh6V5XevDuvuygK8QqSjXmrSOTDAR78y6-QM8O53illAyoWDCTNL-7bqar6ztU9bMJVFBMoidgQ1GkXfu3RCcDakFhAwN_mQKhzuxa8bHohy1GOcj7bAClOJtmuWM29lHKbNpzxivRlEdBCm7Sz8eqUT0D23QMb8BUQ1k0g6EMx4-UU990m6MrSRGVUaXMCu5TpzFaAXYGcjBD-GnGc9gG9lnKfzoGZrB8Cxr69zhKmEjUbjvaj8o7vyeXKlF-gd7chbVAt1pIu0ScASgdOgmnTsh_-0jWiXZXkaF0MUXom1dyoMGfSsTwD5GG-RoCCKMkcWA7-ycXHQVRp9R7JfG_FH-5FYbBOjHSa9msarxIo-u3kC3gM1dtLu7ZUe3ZEuZZYUVhK5k2KgwSjAb1xREtC4QwTr74yWkcSv3fDwmxYsmrbxlSerHEz1v63YwI8GJ1pspU1Dd7IxYHGkr6Gmfdi6lr0Em2legpzD58rVNwdvseb-PDfndOQTMEVv1pepoVfhTVCF_SIEJaQwF1rHT0COrUCCrxpbc2sek21t9dBZiTzCLACMhN6jTKRdiuiS3bQsXy_w3meKaduqAIphRWGGxiP1BGvGfZUBIXBCtnR8OGUNRkMrrAtE2JLdYxnI_VT6t89PShk0UarOS_CkIgpNN2yQp0C--Ud6GI2U1ve-PFAKwmu8_23dpRa840-PNv4EvdOZpw_GVk3iEU667h0log_wOP4uCHHHBQ5T2h1C9jU155e4KGFelaQHNByRvemerZf-nZh4aIbqCSwWo5iIpa6vOUQa1Ef33VK09b-pfqaQUMmlVM1NneECk3YPeGOkO5ktaKZRcbHDWGobCeMRLXwxNYCf792Ki85QfB-Suucy8NOqUtvocLkOr6mqielIR6Yo8WJY1XgixuvFr61H9SCLLzQLKrhINKAZvsIs7x64HkUyJeSJhkJQXZTpI5WKZxjVNyj5lO8YHfain7HrCnH8DBJIMq5ulimsp5vbbfYlLnYZIPkk9FYbUWeSp1rl5s2uoYNmUKHArUnW0DwTQM38tmrYDKfoCzKKje90TTRfI4TWHXBIShsI4EOJpStCwG1LmdGRXSfK1M9gqZ0pci3Rdh_rRkLkXQ5acPI3N46d_LfTyhp7dy9KyUzyM18VHRrUZtHzemkr5eP7uATGe3KPo8d0shcUYFAa01XyL8mS5JEopAJs_Dl0exQj1nOohv_f0RFlrrNPKxR4pLwtkUKHJa8sdCl12TvAvchUkfk_RbfFQ2wDi_1wnpOi20Q-xUfFmvXvNvn4F1WKC94ll3BGG4RXa8GKs7zwkziddUwnQGM8-eNECGmzQIxs5ny7dFuf-13LolIar0jYvi5goF6_80LQPXU9B5vtyeF6XBSDWVtXq_fXV1jJwrMpZtmkOKUlbDY74HTEQEAfbSZc-jAJgFLr8mNYjVKteXtrWkTl13US0L24FycQTURDs_f0CeSEeCJ02FZhWpxPBFfzaOukG5BKjxSmZ5cxp9XhtJ8hgwo_OKnPjBbifVcBTQbD49x6NjFLUb5kAewoGFDoCVoh2BwUMHKIa1L5ODoSk9s6rwN6wl6TWcrYVVY9mb3n8D58s1GYFJFoZ8UmLc9TAI0WBm2z71cIyw_iq73PejPfuSzYswDg0X5hMds5l5YQCXKCqahZ6NuA0ZUhOZiYvREu3A2b2TCuvp3b8Ndzc2uKCDgwGx4m4OUTUEu9pwip7PIEop5n56ZnW_dk2yk9yfRw4S0ypVlY9Ihx4qOWp_DvrvuNWoa8TMxNFA8m0sNxXLzT5FCo0KBnx6TY0k8Zw_QplTAQgmsoDrqrRQHSLebBYOfMQIQcplAXis119884Hekizny7oCZscHrXm_SDbSN1IcAuXnXvxcUWJeKfwPTSFijLhEeYgl0uJYC9xLIxHj7ujzgNGb4AcG7XAZso1f684T9M-QMs3hAA8_ag2IrLlnvr2hCuOEAD-jlu48arUR4FLlHANC3ULLEYdP0NCqvsAQ6lAFTMPPMDoyUBL3wv4d-nfQu1hrR5EUpMZkHAuzg3pUWyf_5XVBxpn5Nt4DY1aLLX_N_g_LLg12NcvYxxuNSUfWtThBp_NyRMWJ6t62ZBDUIKBA-MHCj94l4DAqy6dTOkr4UMqF7pCjGUtwebV-Jiihn_e8N1B_Zgh__ahO0KGgDtgGWs3SSs_teq4LkbMa_EmLT9hPOSyr8bBkwwO122ZMWgW2irdf0mdgF6Ouohep6D5gPYtcayzD8CFZtIMHNHMLgoN90itr9cIm7jXVlb8p8rwjeLZB0JjKjBZuUhffNfdRh44nuFOhX-iHEAFLI8ilY-XUfKAAj2m2NGqk7JnhDiEigfHIv5jdaG9VGDmCShuPABpUUkHSv75HhBz4YwVocYBhYBMm6pU2&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:07:48 GMT
7028997706535683305
s0.2mdn.net/simgad/ Frame 97D6
79 KB
79 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/7028997706535683305
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
e77cc4874d6292405e71d9f40cda49f223ecc8885a81f1c29f09677fdc4479e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:23 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80539
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 11:18:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Nov 2023 00:17:23 GMT
generate_204
tpc.googlesyndication.com/ Frame B0B1
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?1ybodg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F4D5
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Origin
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 05:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 27 Nov 2022 05:09:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame F4D5
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Auljd8E3vRP5KY0nom3xedCf8NnVbawzRL6k24Psf0hZ40mXIkQVO_HjG9SHVDb2M9uclSaOeCrn6brLe1wTDo6sSZzw&cry=1&dbm_d=AKAmf-AZ79bnuy-Lv34M_QjlTTrSq2fUWSI35H9yYLH-kOSo2UmRylsblvsMoQPZLzXrDBfEOPJ7ODDcNEMH661lIzlNXO1eb_3Impa1j-rACab_hkwEFYml23WGq9SKcRoqNYGh3ITSGuzVxjjYjrUz5PFeeOTm79gNIaYscBnSnnr92OWQauUlhZMi390wlwxFr7ZHC1l3Ou4HTJ6_JdghRt5lgDT7ACXGF_9Bwf8SIKzQR8Cm4k3rBag5b12lpsx11BEbzO_fSHEoTamamo8WqDEPyWGf9fnKKlnT-LtEG9cUjMJ3e9US71y1r63I5YIubWqjMZbffkZ8L-YUyZfE0X9W5HL_C4NDcZ5xFjw83MMVsZUHRBUBuX75qu3IUtFxk_4SuzZdR2gxOdeN2DhIG2TrAy2OIVofX_7Lj81usMT8-w3l0Ky8W1w12V6C1R5rE3BaXZEu9soDJan-8dq3-AnlQyGDGAIG7UQsg-C_kR5cBYeD8xD4Srw7hARmufsL6V3XtqDAdBBvonMAXFGQ6j3P4VkOBJHFN3QX13RJc-BvnpmP41Rp3evQ16O4GKvrz4UNUBWDygFtAT3iFrMK13srA_bMgbBTOeTZvdP6vfIRaT4X95n8gspB34JiZxFPmyGzZx30rhBxBy83sFy6_IsTmyEc4dEk6lOAGspYtiOSLUv8rFjr6yGyLvpGCRHP5_6A_nIfKFCuXYblY6w-KEt2Uql46wXQQAeU9YI-L0DZIpILtDpFk7j5vhsrAIaqweuij4r4BLVhKcuQ-vzjmqpnr3EhMNio-ubXdsaPaybtp-s2H157XvYd1kwUX297mL8jyl9gKtdXJaXPE6rE8eAMhfqn2ah0ci3FzjOkQfNMmNA0J-7YkrSQxEyQLL54Ei-BmvnSKPUXZMGL2AhUpcmQrEaT1HuNdCjRFctXKcnbtojxZ4B-EFEB2q8SnxC96OrpfwVKKcw4SFf-sisD2ybr0qa3NWKsZaizfkKbWJJJnNG_Ty087wH8PLdel-FOkOX8YssjRa13gARcOE_Icm6t2cU3mpp_B9shx-CvTYDaZ7LQvOOhGC7KqxmjivMu3IcXhRv3rnkadH-Wd7Ms_QxO57mtulCMk5N54beBQVCjOXf8hbeMz2DIZetl2YTZUiNRy0do9qIf2cXncLDIVrpsuBvV1nqhqgqekCkwxz1ZXGYHglU3Uce4gLCuQ_O3cAuyBJB-bqeKBiNuquz767-yv_1LarTIPJSofAisqvcS8p85Wp034C8E5gAJJIP9_eMFC_nTAb1gc8OKBcCgqTGr58eAXbw9NfKgSyQZtGzh2deftv-tH41NxEwLNfWHAiUJw7-ayNJCww-kLkJVQUg0PGN95PdwnTWIRSng3UIBDTM_TYtJrjBLHCbAs2ylyK9B-ToZ5vBM87figViWFyVGw_nWYkp41UsgTGonmj4eNm-ssgo7ZOO35LMRNVQ47O7pfJWHzKQ_8uaYfGCvJ5ZBNAwXxCKPqs41X__D3tpf2iwnTPMbP9Qf5-Cjy5yEjpfhIQJpUsPwgwTaSpFEDreAZZEHIuBMkMqkQWv_5ARMny6S35_NqZPlofK5VPNscC3jVRELfe4IkjoeBWTHH2C766MQfhpZPFUJmieBEjPWar58cEpL3gHMRC3yRxrztXePbXpX2dLyMEGrmSigufmwEqJ-1LpIeCEqiEbqxIxr5LeIyjb9M7k02XaiUktuYQObMFIzbUDBqpqZBFnoCZSn3MjdI8Zr2GGDQhuoufSQaBu81eMcmo3GiwxR350zK--zampI5qFvSEcrlCQlPTrnsjdB7IwYUItAlGDQ0khyQ8FtGl-eoUvT4EbLXVpnFY11IalO2mM84N8t1bRlBo3Q7hpW2nxvTyBeJw7fAEg73YDZDv-W3mFa9NQkzvJtNmlq63pNwbsWLkpJdIO4btGdpW_YEKGo4vuEguc8QsHbMYASJuEksArkib26i_QxxWy-9MuXHpmo0JQt5FNcG1-3m-I4jaPo22pdZhBKAqk3j0fg_Vto5flrKfmYFzQV16zRruJqmZ0oHtWrTEPR-iXNOnRa7ZQuV_ZLLeZDR8wzGM1LtykwUqQOrlFp00gVR4agGsXrvnE8eAzu1sUHGV58O_xr9Mb9Dft2UBBbxSn0HNVnqp6XLVuFMUeTxkvWpDGGbT7q3ErUvNLKTWc_N16n7FqveqFZX5eOd_rMFRV5vWoqc-X_789OjJGEh7swjUAnXJ6CIcEF54_scBd1H76Fe6mjou1XliPQI5Mw2e4_e_U2bsrtPq0YQWXGd0yBC_hVCDav8bOm4a8ii3uL-1qgqbUqx264QZnVnIMf47Y6BUdyaRHFlA7lvRmYMSWu2ybQE9cVRf6Vjuom5T-QvbG5HU7iX0Z_vcJichOL4v4UjJfy4NGjCoYOUzoHyiDFX4LdW42WAqo9K3fhpKB1unGJz2h5_LJpVLpqFfRg6GxMIUtUB_pkbnsTV6oxprryqdM-q2Gcs4aBk1qLn1tXvslW0I93tvxE1cXPxGQVW6XAcDh5VrFoSEoImipzXtwY7YpcYx2242BVpWW5gbM0xvYqK2IaVtGNW68TyANowB1kfUkpAY_dmQ1UrbKh5XBuPUDJM-gKHELiC9mlQJdNqPlRdHIFYfH4xZ76f--yKkaXptvnxdgPYsffP4sLB7pPQIzVE9q7lM0jUa_q2-tRGdMBv0u5gZVG_INrra8-rH70trylMbkqIfcWvmgF4JaBdDZ23mr0ZpmCd52I8xJ72gnRRh8EHCVjkBj7k_973ycTosivprVSLDc1Mwh3Q2yOLYd9qJ_799XcO5-iIs0TQ2zhrqUHG4qe_K8hQtLpzn7nqVj29_1TLoGfvngjf62knJCVH_ha-XutgMMhxwF5bFle_KiprRsM0o7-02daQh34VJgxrSiLTmZcZnrpk7o61JdszYrHL1023xjcIT6zZFhQKRXz3VdDvE-5zrYgz3gdlbjWVe5r-6YY0z1hiOaKU-VaX18PeLboQrzOuVido8Y-3XFNK1K98jzn3mSs_OWQ19KumzZTr2ffdIkUmMUmGf5U2TyW9HkZDvP3HKl2bchcuwv0OkiYHURfe3WYP1k5SWWMSDGWdbwuoBugw2yX7m9_FxaOBybGwCqyRPleLatZg-2lnYCVabeTEl5LSJSXaOqHmHEC-r2kn9EHfl6UIcVRi41bG91IiabUnU9a4ruTMA9KR2JMt-tGGa4EJl6UfwcGuzV0tTl_uIspKYMI5985OOOfjnjg-1FApFTLyyMW5IGxNtnObDWrkK-zd240-MzaaihiF_8MNDhhtX9m7E_iiuy6JHXx-5AXBFfjsZLkCdfMAjXmKd3IQUltOuypUKyLZWnLCugylFBVciBaFTzKvH5z2BwCgWXgQEFbaePnkS8b2utMn_es5iR1WH5RE54RtCOnZWZMZ6bt5sAvYNpaApohLgPpMFXHWqQVImLUPK_EhtEK6DP2EZltltY5DD6Y7j9eITpTAEENJq-N-r3-ElqMihtxry3uTGrfQDTpMm-Bdk_Wrf1kubp8VxzoZy3GsB0&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 04:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
70472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 04:42:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame F4D5
29 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Auljd8E3vRP5KY0nom3xedCf8NnVbawzRL6k24Psf0hZ40mXIkQVO_HjG9SHVDb2M9uclSaOeCrn6brLe1wTDo6sSZzw&cry=1&dbm_d=AKAmf-AZ79bnuy-Lv34M_QjlTTrSq2fUWSI35H9yYLH-kOSo2UmRylsblvsMoQPZLzXrDBfEOPJ7ODDcNEMH661lIzlNXO1eb_3Impa1j-rACab_hkwEFYml23WGq9SKcRoqNYGh3ITSGuzVxjjYjrUz5PFeeOTm79gNIaYscBnSnnr92OWQauUlhZMi390wlwxFr7ZHC1l3Ou4HTJ6_JdghRt5lgDT7ACXGF_9Bwf8SIKzQR8Cm4k3rBag5b12lpsx11BEbzO_fSHEoTamamo8WqDEPyWGf9fnKKlnT-LtEG9cUjMJ3e9US71y1r63I5YIubWqjMZbffkZ8L-YUyZfE0X9W5HL_C4NDcZ5xFjw83MMVsZUHRBUBuX75qu3IUtFxk_4SuzZdR2gxOdeN2DhIG2TrAy2OIVofX_7Lj81usMT8-w3l0Ky8W1w12V6C1R5rE3BaXZEu9soDJan-8dq3-AnlQyGDGAIG7UQsg-C_kR5cBYeD8xD4Srw7hARmufsL6V3XtqDAdBBvonMAXFGQ6j3P4VkOBJHFN3QX13RJc-BvnpmP41Rp3evQ16O4GKvrz4UNUBWDygFtAT3iFrMK13srA_bMgbBTOeTZvdP6vfIRaT4X95n8gspB34JiZxFPmyGzZx30rhBxBy83sFy6_IsTmyEc4dEk6lOAGspYtiOSLUv8rFjr6yGyLvpGCRHP5_6A_nIfKFCuXYblY6w-KEt2Uql46wXQQAeU9YI-L0DZIpILtDpFk7j5vhsrAIaqweuij4r4BLVhKcuQ-vzjmqpnr3EhMNio-ubXdsaPaybtp-s2H157XvYd1kwUX297mL8jyl9gKtdXJaXPE6rE8eAMhfqn2ah0ci3FzjOkQfNMmNA0J-7YkrSQxEyQLL54Ei-BmvnSKPUXZMGL2AhUpcmQrEaT1HuNdCjRFctXKcnbtojxZ4B-EFEB2q8SnxC96OrpfwVKKcw4SFf-sisD2ybr0qa3NWKsZaizfkKbWJJJnNG_Ty087wH8PLdel-FOkOX8YssjRa13gARcOE_Icm6t2cU3mpp_B9shx-CvTYDaZ7LQvOOhGC7KqxmjivMu3IcXhRv3rnkadH-Wd7Ms_QxO57mtulCMk5N54beBQVCjOXf8hbeMz2DIZetl2YTZUiNRy0do9qIf2cXncLDIVrpsuBvV1nqhqgqekCkwxz1ZXGYHglU3Uce4gLCuQ_O3cAuyBJB-bqeKBiNuquz767-yv_1LarTIPJSofAisqvcS8p85Wp034C8E5gAJJIP9_eMFC_nTAb1gc8OKBcCgqTGr58eAXbw9NfKgSyQZtGzh2deftv-tH41NxEwLNfWHAiUJw7-ayNJCww-kLkJVQUg0PGN95PdwnTWIRSng3UIBDTM_TYtJrjBLHCbAs2ylyK9B-ToZ5vBM87figViWFyVGw_nWYkp41UsgTGonmj4eNm-ssgo7ZOO35LMRNVQ47O7pfJWHzKQ_8uaYfGCvJ5ZBNAwXxCKPqs41X__D3tpf2iwnTPMbP9Qf5-Cjy5yEjpfhIQJpUsPwgwTaSpFEDreAZZEHIuBMkMqkQWv_5ARMny6S35_NqZPlofK5VPNscC3jVRELfe4IkjoeBWTHH2C766MQfhpZPFUJmieBEjPWar58cEpL3gHMRC3yRxrztXePbXpX2dLyMEGrmSigufmwEqJ-1LpIeCEqiEbqxIxr5LeIyjb9M7k02XaiUktuYQObMFIzbUDBqpqZBFnoCZSn3MjdI8Zr2GGDQhuoufSQaBu81eMcmo3GiwxR350zK--zampI5qFvSEcrlCQlPTrnsjdB7IwYUItAlGDQ0khyQ8FtGl-eoUvT4EbLXVpnFY11IalO2mM84N8t1bRlBo3Q7hpW2nxvTyBeJw7fAEg73YDZDv-W3mFa9NQkzvJtNmlq63pNwbsWLkpJdIO4btGdpW_YEKGo4vuEguc8QsHbMYASJuEksArkib26i_QxxWy-9MuXHpmo0JQt5FNcG1-3m-I4jaPo22pdZhBKAqk3j0fg_Vto5flrKfmYFzQV16zRruJqmZ0oHtWrTEPR-iXNOnRa7ZQuV_ZLLeZDR8wzGM1LtykwUqQOrlFp00gVR4agGsXrvnE8eAzu1sUHGV58O_xr9Mb9Dft2UBBbxSn0HNVnqp6XLVuFMUeTxkvWpDGGbT7q3ErUvNLKTWc_N16n7FqveqFZX5eOd_rMFRV5vWoqc-X_789OjJGEh7swjUAnXJ6CIcEF54_scBd1H76Fe6mjou1XliPQI5Mw2e4_e_U2bsrtPq0YQWXGd0yBC_hVCDav8bOm4a8ii3uL-1qgqbUqx264QZnVnIMf47Y6BUdyaRHFlA7lvRmYMSWu2ybQE9cVRf6Vjuom5T-QvbG5HU7iX0Z_vcJichOL4v4UjJfy4NGjCoYOUzoHyiDFX4LdW42WAqo9K3fhpKB1unGJz2h5_LJpVLpqFfRg6GxMIUtUB_pkbnsTV6oxprryqdM-q2Gcs4aBk1qLn1tXvslW0I93tvxE1cXPxGQVW6XAcDh5VrFoSEoImipzXtwY7YpcYx2242BVpWW5gbM0xvYqK2IaVtGNW68TyANowB1kfUkpAY_dmQ1UrbKh5XBuPUDJM-gKHELiC9mlQJdNqPlRdHIFYfH4xZ76f--yKkaXptvnxdgPYsffP4sLB7pPQIzVE9q7lM0jUa_q2-tRGdMBv0u5gZVG_INrra8-rH70trylMbkqIfcWvmgF4JaBdDZ23mr0ZpmCd52I8xJ72gnRRh8EHCVjkBj7k_973ycTosivprVSLDc1Mwh3Q2yOLYd9qJ_799XcO5-iIs0TQ2zhrqUHG4qe_K8hQtLpzn7nqVj29_1TLoGfvngjf62knJCVH_ha-XutgMMhxwF5bFle_KiprRsM0o7-02daQh34VJgxrSiLTmZcZnrpk7o61JdszYrHL1023xjcIT6zZFhQKRXz3VdDvE-5zrYgz3gdlbjWVe5r-6YY0z1hiOaKU-VaX18PeLboQrzOuVido8Y-3XFNK1K98jzn3mSs_OWQ19KumzZTr2ffdIkUmMUmGf5U2TyW9HkZDvP3HKl2bchcuwv0OkiYHURfe3WYP1k5SWWMSDGWdbwuoBugw2yX7m9_FxaOBybGwCqyRPleLatZg-2lnYCVabeTEl5LSJSXaOqHmHEC-r2kn9EHfl6UIcVRi41bG91IiabUnU9a4ruTMA9KR2JMt-tGGa4EJl6UfwcGuzV0tTl_uIspKYMI5985OOOfjnjg-1FApFTLyyMW5IGxNtnObDWrkK-zd240-MzaaihiF_8MNDhhtX9m7E_iiuy6JHXx-5AXBFfjsZLkCdfMAjXmKd3IQUltOuypUKyLZWnLCugylFBVciBaFTzKvH5z2BwCgWXgQEFbaePnkS8b2utMn_es5iR1WH5RE54RtCOnZWZMZ6bt5sAvYNpaApohLgPpMFXHWqQVImLUPK_EhtEK6DP2EZltltY5DD6Y7j9eITpTAEENJq-N-r3-ElqMihtxry3uTGrfQDTpMm-Bdk_Wrf1kubp8VxzoZy3GsB0&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
29758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 16:01:25 GMT
generate_204
tpc.googlesyndication.com/ Frame 11DE
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?-JwYjg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 1334
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 23:01:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E3FF
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
71303
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 04:29:01 GMT
etag
48472445140208031
expires
Sun, 27 Nov 2022 04:29:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 97D6
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c052f971528328ba855dc51d679f3e81d9f819cdcdd5c976fbc2a5ec029e754

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enabler.js
s0.2mdn.net/ads/studio/ Frame F2BD
136 KB
46 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCEy9ckayCY-THONCavQSa9rKwDdKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKqlijH2_WkPqgDAaoE7gFP0NAGsffWgUgIjFgPbdpxz_yNvnYmqO5Hz3Yokpd1P3_qe7eBNz4Mq2tbotg2z1sgeeUnugm1YZLcgFXNyQy9JjTb5QQV-xug5AkEde0v3vE9ungVlFlsbowaMWkr_zeNJE4zS7HKaQ23b7-P6PFLphAE9KtDqKlq-ssK6khGcdsPvpRXciGsB8tbC-mRFEyLi-CjR2I3tSXW4Ajek7-zCYwP1d_dyxwHLTyEY9-6ZXYzCO2XgLAd2MBvjP1uO47dt-2BAASjIkfQCp2HMf0DoQUwSi2X0JVZuBKN3Jq2q_7U3Ne2LANpTiAUBA65wATN78nshgTgBAOQBgGgBk2AB7j91OwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT2-nxEMgTt4yk4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw%26sig%3DAOD64_1aiBbSRAyggsJyvx2IZyxq334Avw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AElV9YGv8kHlif74yCOcwRkTSIs7qkSZJjbwmrm8Wrfxqi4-n9_PlTY3_XnBpsOQDpwozIB8nQTS6HBorQabr2Sfot9D9BE0WAISr-pkd71aDaoYm25MWTnZlq1Jm1-Jl-BV83tgQPljgmyE_rszhY6Rfp02I7dVY0T3RquA2spw5SfIQ%26cry%3D1%26dbm_d%3DAKAmf-C3OQYz_P6yRZFSWsbBGXqV_E9Tcmq2-_FUyh21wq73O2n52RqWB3-pocqftHOxh7WfIPSWbjD07cHJOdntE9DEmNQYkOGpSe32Pn8KxaujUbcKgNAEZegZHBlt-RAbwFdNyCRSqcgaL2MgAUVl22vN80BPg5Jfr8XiiQrauFriuchvjpkv0Y31dufVklMK14dbzw4NQg9gOJucvynfh8bVY5GyAdie11B3BWcBaHX12oP03Wz8a8hYoIdThU6GY0U6G6gLjGzX54hfT3YLpUHblSER7-vDYvUqWXz47W12jXbwj2RjYvpt_GtKfb2cimqB3iLLuAmhDabczx0RH4J5wm0_Z-yLD6RYpX8O7bLlBkhOWmN0nBpbC4jH6z0cq_y0sXUtKcj318bS26V1PMcUWG5BvEZ42iyAOtzgons5lWD7ST7VecFHFSyx4_Ul_1EaVYO5NlaR46lawiWs6MLtIBXJNuTQrAQgkECopB6_PTMMWQnAGAHK6r6v9IwdoNZKz3YVcC1mWTBBJBDygeGkx71pG4TS8oNVfSzLYbsmKvdfq_7ZFsn4vd68vnZUJCenbjvpg5AljkAj8DurHXNXLwX_gXL9-u0Yy6a7fzbVFkvvWvIJIHj7kE2plrmhWOTPCJDxqEQAWpSbF_MtfbWmuQOnxSf9P0nDBaoFJ133pk7je-s%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1669508241926692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 27 Nov 2022 00:20:00 GMT
dyn-hype-multiitem.js
www.adtrek.co/Scripts/Inserts/ Frame F2BD
11 KB
3 KB
Script
General
Full URL
https://www.adtrek.co/Scripts/Inserts/dyn-hype-multiitem.js?v=1-4
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCEy9ckayCY-THONCavQSa9rKwDdKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKqlijH2_WkPqgDAaoE7gFP0NAGsffWgUgIjFgPbdpxz_yNvnYmqO5Hz3Yokpd1P3_qe7eBNz4Mq2tbotg2z1sgeeUnugm1YZLcgFXNyQy9JjTb5QQV-xug5AkEde0v3vE9ungVlFlsbowaMWkr_zeNJE4zS7HKaQ23b7-P6PFLphAE9KtDqKlq-ssK6khGcdsPvpRXciGsB8tbC-mRFEyLi-CjR2I3tSXW4Ajek7-zCYwP1d_dyxwHLTyEY9-6ZXYzCO2XgLAd2MBvjP1uO47dt-2BAASjIkfQCp2HMf0DoQUwSi2X0JVZuBKN3Jq2q_7U3Ne2LANpTiAUBA65wATN78nshgTgBAOQBgGgBk2AB7j91OwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT2-nxEMgTt4yk4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw%26sig%3DAOD64_1aiBbSRAyggsJyvx2IZyxq334Avw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AElV9YGv8kHlif74yCOcwRkTSIs7qkSZJjbwmrm8Wrfxqi4-n9_PlTY3_XnBpsOQDpwozIB8nQTS6HBorQabr2Sfot9D9BE0WAISr-pkd71aDaoYm25MWTnZlq1Jm1-Jl-BV83tgQPljgmyE_rszhY6Rfp02I7dVY0T3RquA2spw5SfIQ%26cry%3D1%26dbm_d%3DAKAmf-C3OQYz_P6yRZFSWsbBGXqV_E9Tcmq2-_FUyh21wq73O2n52RqWB3-pocqftHOxh7WfIPSWbjD07cHJOdntE9DEmNQYkOGpSe32Pn8KxaujUbcKgNAEZegZHBlt-RAbwFdNyCRSqcgaL2MgAUVl22vN80BPg5Jfr8XiiQrauFriuchvjpkv0Y31dufVklMK14dbzw4NQg9gOJucvynfh8bVY5GyAdie11B3BWcBaHX12oP03Wz8a8hYoIdThU6GY0U6G6gLjGzX54hfT3YLpUHblSER7-vDYvUqWXz47W12jXbwj2RjYvpt_GtKfb2cimqB3iLLuAmhDabczx0RH4J5wm0_Z-yLD6RYpX8O7bLlBkhOWmN0nBpbC4jH6z0cq_y0sXUtKcj318bS26V1PMcUWG5BvEZ42iyAOtzgons5lWD7ST7VecFHFSyx4_Ul_1EaVYO5NlaR46lawiWs6MLtIBXJNuTQrAQgkECopB6_PTMMWQnAGAHK6r6v9IwdoNZKz3YVcC1mWTBBJBDygeGkx71pG4TS8oNVfSzLYbsmKvdfq_7ZFsn4vd68vnZUJCenbjvpg5AljkAj8DurHXNXLwX_gXL9-u0Yy6a7fzbVFkvvWvIJIHj7kE2plrmhWOTPCJDxqEQAWpSbF_MtfbWmuQOnxSf9P0nDBaoFJ133pk7je-s%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1669508241926692
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.150.39 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-150-39.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f824af6240aaa57ba4104f1969365afa9b6904544545284db4a7469e6a94768a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCEy9ckayCY-THONCavQSa9rKwDdKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKqlijH2_WkPqgDAaoE7gFP0NAGsffWgUgIjFgPbdpxz_yNvnYmqO5Hz3Yokpd1P3_qe7eBNz4Mq2tbotg2z1sgeeUnugm1YZLcgFXNyQy9JjTb5QQV-xug5AkEde0v3vE9ungVlFlsbowaMWkr_zeNJE4zS7HKaQ23b7-P6PFLphAE9KtDqKlq-ssK6khGcdsPvpRXciGsB8tbC-mRFEyLi-CjR2I3tSXW4Ajek7-zCYwP1d_dyxwHLTyEY9-6ZXYzCO2XgLAd2MBvjP1uO47dt-2BAASjIkfQCp2HMf0DoQUwSi2X0JVZuBKN3Jq2q_7U3Ne2LANpTiAUBA65wATN78nshgTgBAOQBgGgBk2AB7j91OwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT2-nxEMgTt4yk4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw%26sig%3DAOD64_1aiBbSRAyggsJyvx2IZyxq334Avw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AElV9YGv8kHlif74yCOcwRkTSIs7qkSZJjbwmrm8Wrfxqi4-n9_PlTY3_XnBpsOQDpwozIB8nQTS6HBorQabr2Sfot9D9BE0WAISr-pkd71aDaoYm25MWTnZlq1Jm1-Jl-BV83tgQPljgmyE_rszhY6Rfp02I7dVY0T3RquA2spw5SfIQ%26cry%3D1%26dbm_d%3DAKAmf-C3OQYz_P6yRZFSWsbBGXqV_E9Tcmq2-_FUyh21wq73O2n52RqWB3-pocqftHOxh7WfIPSWbjD07cHJOdntE9DEmNQYkOGpSe32Pn8KxaujUbcKgNAEZegZHBlt-RAbwFdNyCRSqcgaL2MgAUVl22vN80BPg5Jfr8XiiQrauFriuchvjpkv0Y31dufVklMK14dbzw4NQg9gOJucvynfh8bVY5GyAdie11B3BWcBaHX12oP03Wz8a8hYoIdThU6GY0U6G6gLjGzX54hfT3YLpUHblSER7-vDYvUqWXz47W12jXbwj2RjYvpt_GtKfb2cimqB3iLLuAmhDabczx0RH4J5wm0_Z-yLD6RYpX8O7bLlBkhOWmN0nBpbC4jH6z0cq_y0sXUtKcj318bS26V1PMcUWG5BvEZ42iyAOtzgons5lWD7ST7VecFHFSyx4_Ul_1EaVYO5NlaR46lawiWs6MLtIBXJNuTQrAQgkECopB6_PTMMWQnAGAHK6r6v9IwdoNZKz3YVcC1mWTBBJBDygeGkx71pG4TS8oNVfSzLYbsmKvdfq_7ZFsn4vd68vnZUJCenbjvpg5AljkAj8DurHXNXLwX_gXL9-u0Yy6a7fzbVFkvvWvIJIHj7kE2plrmhWOTPCJDxqEQAWpSbF_MtfbWmuQOnxSf9P0nDBaoFJ133pk7je-s%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1669508241926692
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Apr 2022 14:29:24 GMT
Server
Microsoft-IIS/8.5
ETag
"0fa1131435ad81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2968
pol.jpg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame F2BD
4 KB
2 KB
Image
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/pol.jpg
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCEy9ckayCY-THONCavQSa9rKwDdKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKqlijH2_WkPqgDAaoE7gFP0NAGsffWgUgIjFgPbdpxz_yNvnYmqO5Hz3Yokpd1P3_qe7eBNz4Mq2tbotg2z1sgeeUnugm1YZLcgFXNyQy9JjTb5QQV-xug5AkEde0v3vE9ungVlFlsbowaMWkr_zeNJE4zS7HKaQ23b7-P6PFLphAE9KtDqKlq-ssK6khGcdsPvpRXciGsB8tbC-mRFEyLi-CjR2I3tSXW4Ajek7-zCYwP1d_dyxwHLTyEY9-6ZXYzCO2XgLAd2MBvjP1uO47dt-2BAASjIkfQCp2HMf0DoQUwSi2X0JVZuBKN3Jq2q_7U3Ne2LANpTiAUBA65wATN78nshgTgBAOQBgGgBk2AB7j91OwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT2-nxEMgTt4yk4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw%26sig%3DAOD64_1aiBbSRAyggsJyvx2IZyxq334Avw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AElV9YGv8kHlif74yCOcwRkTSIs7qkSZJjbwmrm8Wrfxqi4-n9_PlTY3_XnBpsOQDpwozIB8nQTS6HBorQabr2Sfot9D9BE0WAISr-pkd71aDaoYm25MWTnZlq1Jm1-Jl-BV83tgQPljgmyE_rszhY6Rfp02I7dVY0T3RquA2spw5SfIQ%26cry%3D1%26dbm_d%3DAKAmf-C3OQYz_P6yRZFSWsbBGXqV_E9Tcmq2-_FUyh21wq73O2n52RqWB3-pocqftHOxh7WfIPSWbjD07cHJOdntE9DEmNQYkOGpSe32Pn8KxaujUbcKgNAEZegZHBlt-RAbwFdNyCRSqcgaL2MgAUVl22vN80BPg5Jfr8XiiQrauFriuchvjpkv0Y31dufVklMK14dbzw4NQg9gOJucvynfh8bVY5GyAdie11B3BWcBaHX12oP03Wz8a8hYoIdThU6GY0U6G6gLjGzX54hfT3YLpUHblSER7-vDYvUqWXz47W12jXbwj2RjYvpt_GtKfb2cimqB3iLLuAmhDabczx0RH4J5wm0_Z-yLD6RYpX8O7bLlBkhOWmN0nBpbC4jH6z0cq_y0sXUtKcj318bS26V1PMcUWG5BvEZ42iyAOtzgons5lWD7ST7VecFHFSyx4_Ul_1EaVYO5NlaR46lawiWs6MLtIBXJNuTQrAQgkECopB6_PTMMWQnAGAHK6r6v9IwdoNZKz3YVcC1mWTBBJBDygeGkx71pG4TS8oNVfSzLYbsmKvdfq_7ZFsn4vd68vnZUJCenbjvpg5AljkAj8DurHXNXLwX_gXL9-u0Yy6a7fzbVFkvvWvIJIHj7kE2plrmhWOTPCJDxqEQAWpSbF_MtfbWmuQOnxSf9P0nDBaoFJ133pk7je-s%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1669508241926692
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.11 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
04af379c37398603077d9d44bfccfb4f4fa3cddcd33a3f1629f25c22031a09a6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:24 GMT
Server
AmazonS3
x-amz-request-id
1KWP73MCPREWWKF6
ETag
"51725432a390bdc2beb9923ad23d567f"
x-amz-meta-info
polite loading image
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1569
x-amz-id-2
c6EU10dC/j6rgDUC0c3Edu7WjIjeUfO23VBbf/ppNCgE+Vm8PXeoW29Utx8RddEafAmoJtV19fA=
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F4D5
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:07:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 20E2
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
71303
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 04:29:01 GMT
etag
48472445140208031
expires
Sun, 27 Nov 2022 04:29:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F4D5
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6df83660fc9af4e487bffd1e923170ce7ab3135aece79a6a5b329bff4e72c6be

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E3FF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1&google_push=ASkJ3FaT_NDn32pUAB8XfV1rmuhGkTDQPdDQmDLO3KkTgWlOT_CM0Nh3zw1-Q314BF1A2capa9yFBklm5uWYyP2ErvQa-acdvM8
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkwMjkwMzA5NDA3MjUyMTQwNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E3FF
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMxjY1bPZj3Hh1on1Mk1Hx4&google_cver=1&google_push=ASkJ3FZrepsTAraMGygH5CRGBxzP44LVA9gjZFXKZhKG5kVswo6LuCP_Ke...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZrepsTAraMGygH5CRGBxzP44LVA9gjZFXKZhKG5kVswo6LuCP_KeiaCKNUM7MXZIfPQTou-t41pACsXNhPUB4sFY0n7so&google_hm=8Fn3ZZH...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZrepsTAraMGygH5CRGBxzP44LVA9gjZFXKZhKG5kVswo6LuCP_KeiaCKNUM7MXZIfPQTou-t41pACsXNhPUB4sFY0n7so&google_hm=8Fn3ZZHkEC-swn2AwXAQKQ
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FZrepsTAraMGygH5CRGBxzP44LVA9gjZFXKZhKG5kVswo6LuCP_KeiaCKNUM7MXZIfPQTou-t41pACsXNhPUB4sFY0n7so&google_hm=8Fn3ZZHkEC-swn2AwXAQKQ
pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
a.tribalfusion.com/ Frame E3FF
43 B
612 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEC9n_7K2DO3DRZAbzjuUToo&google_cver=1&google_push=ASkJ3Fa3xnzhPuw4lIcV_fosqrSG73ggH_ZboOrLsz1kwJZ-3XnT9ADOlJFdFht3idcnKkS8al5zrBUMlOF1tNUyL3L-uuugSqho&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa3xnzhPuw4lIcV_fosqrSG73ggH_ZboOrLsz1kwJZ-3XnT9ADOlJFdFht3idcnKkS8al5zrBUMlOF1tNUyL3L-uuugSqho%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7706ae3ff8781c58-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E3FF
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEB7TxgM6e_zilxjcmi7UpLg&google_cver=1&google_push=ASkJ3FbWODUFgX_Inc5PR9Z7bWUajT2diqzkQRDemxI_CvNmGA5aqbllNzd8cXk7VZjBQKgrJsiBbeG...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FbWODUFgX_Inc5PR9Z7bWUajT2diqzkQRDemxI_CvNmGA5aqbllNzd8cXk7VZjBQKgrJsiBbeG5_riz7NH91sTvhB3hKY8&google_hm=3mLovL-3QSqP9jWXgF...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FbWODUFgX_Inc5PR9Z7bWUajT2diqzkQRDemxI_CvNmGA5aqbllNzd8cXk7VZjBQKgrJsiBbeG5_riz7NH91sTvhB3hKY8&google_hm=3mLovL-3QSqP9jWXgFr0OdA
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FbWODUFgX_Inc5PR9Z7bWUajT2diqzkQRDemxI_CvNmGA5aqbllNzd8cXk7VZjBQKgrJsiBbeG5_riz7NH91sTvhB3hKY8&google_hm=3mLovL-3QSqP9jWXgFr0OdA
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E3FF
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEInWfTGwXEmipSHJKZ3gwV8&google_cver=1&google_push=ASkJ3FYvAmpwXCqyMyDJlTPgteaLvGXQDSa3_Z_xoE4PXyZOUz4mPgKRD60O4iIArpe_iORL65AVdSS10Z0HeA...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FYvAmpwXCqyMyDJlTPgteaLvGXQDSa3_Z_xoE4PXyZOUz4mPgKRD60O4iIArpe_iORL65AVdSS10Z0HeAeFZWxQNjxiRzP2&google_hm=hmOCrJFvqI6kCRGi8...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FYvAmpwXCqyMyDJlTPgteaLvGXQDSa3_Z_xoE4PXyZOUz4mPgKRD60O4iIArpe_iORL65AVdSS10Z0HeAeFZWxQNjxiRzP2&google_hm=hmOCrJFvqI6kCRGi8g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6382AC916FA88EA40911A2F2BLIS
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FYvAmpwXCqyMyDJlTPgteaLvGXQDSa3_Z_xoE4PXyZOUz4mPgKRD60O4iIArpe_iORL65AVdSS10Z0HeAeFZWxQNjxiRzP2&google_hm=hmOCrJFvqI6kCRGi8g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6382AC916FA88EA40911A2F2BLIS
date
Sun, 27 Nov 2022 00:17:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
google_sync_status
x.bidswitch.net/ Frame E3FF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1&google_push=ASkJ3Fbh3xFuRlg8lv7zeZKAbkdZ31ZaUV1hYsXTiIvsPFX66jC7xtRAq7o07bqUENBWPUVXhXaBE4_vEiwFtqApN3ec...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=12d9ff6d-e790-4973-804e-ab42b3396025&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=dmp4glmXSE2v0J9xCFmQMg==
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame E3FF
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEP8a5uwyyxVZPXzB7t_hn84?ext-param=ASkJ3FYxGJoo27g5aCQKDr7M-r9atsFonHxogPA70-qYnBLGo2uzCRFKOLgNYC5EY3rU5EBqmzUdT3OGOegUZLG0ZD3CxvhIIHkYpw&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEP8a5uwyyxVZPXzB7t_hn84?redir-setuniq=1&ext-param=ASkJ3FYxGJoo27g5aCQKDr7M-r9atsFonHxogPA70-qYnBLGo2uzCRFKOLgNYC5EY3rU5EBqmzUdT3OGOegUZLG0ZD3CxvhIIHkYpw&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEP8a5uwyyxVZPXzB7t_hn84&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B
Image
General
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Server
77.88.21.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 12 Nov 2023 00:17:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E3FF
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1Y7yhrv8-z4njm9zZArriYaAEi3bUOqGZpy6VaXkZg8ewoY7-_XyGx0ro1enqjdf7CXLnlw
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 700A
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
347837
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 23:40:07 GMT
expires
Wed, 22 Nov 2023 23:40:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1334
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwPsyk6yCY8SLBs7cogOj3L-YDQAAAAA4AeAEAg&bg=!yMuly4_NAAbvMpMzzzI7ACkAdvg8WloJGhSOw96TktYq4FaA7RpUhgqrI0xm4UP_Er0hmlJ9nDdivgIAAABUUgAAAAJoAQeZAuk_S1d7nj4tj7vLvy_qj1w5TQdCN2irLN9u1fROxm4kicuB4mVxCJUAmiNYYvoXiLMtuvEiNLtq5WVR1SdcrJn0-ISF8Cg6gzOS_ORbxCKoOolntBRT14-7odqsQa1IRyFmXW8IO1PwSXrG6w6tLjUAAN-hEhK9NcgFxoxamzRru6zEBC8vURcxQUg5oTNPow-ginKmECZG82UAT3ErlbiSo9ZKoPf8JXaqMkIA7bhGrU908TZq-PRLzIDZ3MZHk4R3g52hE5li914QB0s3oFiP9yRrQLXNjFKA9IezfOJjPt9Ohtdy_s2b2pcomgv1U_aM_q6Kn-TaOqPXu3MFFpo_axQbRIB1Evkc8P4xB01_zrLTLx7TQMfcmZCtp13Y4unFYYZSRz2JHg0mMRyGI4pcXA4CQDLkJnqppgKQKoHciMYHZ3M1gi-KuWSQzq2AomJr7ibWgzCRv48t5tGyeqCEfmRdp7BRyCZu0Tmt3iYkgJc3bdarl2wCj8PvkQy5SirhGRUfSDg6gu42R_KPNzLpSFfOvfNWI-TWp_MCqIY_pRfXCqg5uMrUA037-JmzHNBsS3ZoeBJ1Wup9Rk2Ya4JIEKoyrslG_eVGBwD3F3IkZ0mpSZ82hLkY1Cv7EfDHf6ugQOpxJRIeKbkFaLVvSsXOC6jFCXYjcOgwzSuiIAE3tHcjHIN38U9IsT3hULWa2wcnEmLQNyn0tu1DBvIV7f4xM4XNEGUniOm05O3fMYOMTr2LMc8Nhf3BjvDm2YA5eO1sRg9FIe8FXXoM7Jpo7IiHgoYk-x-zzrSfd3qJM9ZZN8kW9-RolMEYmRD0W2mHBBozLJm6o-JHlFWNLBNjY1UiJsBYsw3kx8K9Z_Wb3v28tmGq72tQilB7l1AL4_Wt4gt2aJrlMSM4IEfKFt5vV8cpB0EnStKnBFZnOpFCXq1AYwnsMIy5_np78wljV2cmTPW7JBxMowsISifoV4furUMfSVttJeb6aXUH
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 20E2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1&google_push=ASkJ3FbE9VQ36bS-M3tQyHLbQCUCDnFtZA-jmVr5Ha3fC6qzzYJO9D-PMPtdyOh0UrrSeyXfMG1Kh0CImh1DhAWCL8mf9h57WYP09...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUzNzAyNTMyMjU2NjQ5Njk1Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOehgu4luJiAQ__Z8dP6-qU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 20E2
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMxjY1bPZj3Hh1on1Mk1Hx4&google_cver=1&google_push=ASkJ3FYfFKzNYIsmCM_flY4Ed1yFWiNljms7kyEO_tOEmlDa2vdLq7PC_w...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYfFKzNYIsmCM_flY4Ed1yFWiNljms7kyEO_tOEmlDa2vdLq7PC_wESETSK6_aMcjF3Q_GnHUk6UDfRpWVa-MCLpEQuHaBgN9qHORGPfYDjMJvJJ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYfFKzNYIsmCM_flY4Ed1yFWiNljms7kyEO_tOEmlDa2vdLq7PC_wESETSK6_aMcjF3Q_GnHUk6UDfRpWVa-MCLpEQuHaBgN9qHORGPfYDjMJvJJbsCF8WANV9n6-7wYiUcjP9xfSmy&google_hm=8Fn3ZZHkEC-swn2AwXAQKQ
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYfFKzNYIsmCM_flY4Ed1yFWiNljms7kyEO_tOEmlDa2vdLq7PC_wESETSK6_aMcjF3Q_GnHUk6UDfRpWVa-MCLpEQuHaBgN9qHORGPfYDjMJvJJbsCF8WANV9n6-7wYiUcjP9xfSmy&google_hm=8Fn3ZZHkEC-swn2AwXAQKQ
pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 20E2
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEB7TxgM6e_zilxjcmi7UpLg&google_cver=1&google_push=ASkJ3Fbu3C1lThvaoXhYDqDZvLRUPdBfBgSVT_qmTKArDuBWxNip1HDaYYSKPXeRGUjXuNhUoX_C2Yd...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3Fbu3C1lThvaoXhYDqDZvLRUPdBfBgSVT_qmTKArDuBWxNip1HDaYYSKPXeRGUjXuNhUoX_C2Yd-JB7Xf9DZDZsVOkkQVaq6ytoLu2lhrChiaatdP5FKufrR0y-N...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3Fbu3C1lThvaoXhYDqDZvLRUPdBfBgSVT_qmTKArDuBWxNip1HDaYYSKPXeRGUjXuNhUoX_C2Yd-JB7Xf9DZDZsVOkkQVaq6ytoLu2lhrChiaatdP5FKufrR0y-NnFp3dPbMb0KzGN8Q&google_hm=3mLovL-3QSqP9jWXgFr0OdA
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3Fbu3C1lThvaoXhYDqDZvLRUPdBfBgSVT_qmTKArDuBWxNip1HDaYYSKPXeRGUjXuNhUoX_C2Yd-JB7Xf9DZDZsVOkkQVaq6ytoLu2lhrChiaatdP5FKufrR0y-NnFp3dPbMb0KzGN8Q&google_hm=3mLovL-3QSqP9jWXgFr0OdA
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 20E2
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEInWfTGwXEmipSHJKZ3gwV8&google_cver=1&google_push=ASkJ3FY5Go0LIcoUH0a4yOCCjZEQn07g6GobPvXbYauMgJW2MzP2jglOzVj8mwRh2WvsxNgj8admd6IHCtUObt...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FY5Go0LIcoUH0a4yOCCjZEQn07g6GobPvXbYauMgJW2MzP2jglOzVj8mwRh2WvsxNgj8admd6IHCtUObteh6fCWBvyUu9QqlSJfjFtfyMeeh3IJy9A1vyLcdffp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FY5Go0LIcoUH0a4yOCCjZEQn07g6GobPvXbYauMgJW2MzP2jglOzVj8mwRh2WvsxNgj8admd6IHCtUObteh6fCWBvyUu9QqlSJfjFtfyMeeh3IJy9A1vyLcdffpmTGYHomHfeYM0WA&google_hm=hmOCrJFvqI6kCRGi8g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6382AC916FA88EA40911A2F2BLIS
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ASkJ3FY5Go0LIcoUH0a4yOCCjZEQn07g6GobPvXbYauMgJW2MzP2jglOzVj8mwRh2WvsxNgj8admd6IHCtUObteh6fCWBvyUu9QqlSJfjFtfyMeeh3IJy9A1vyLcdffpmTGYHomHfeYM0WA&google_hm=hmOCrJFvqI6kCRGi8g&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6382AC916FA88EA40911A2F2BLIS
date
Sun, 27 Nov 2022 00:17:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 20E2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOx08EgLItsFKYD4ctIZHH8&google_cver=1&google_push=ASkJ3FYBL8o6KggpQ7txKvsUXXCbHd9xW5ZCbM12PfK7MrK8qhqLMoVr7JeFBAeTwWadCZfZknE2Jta32QppEm54Gm7O...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=0&user_id=&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYBL8o6KggpQ7txKvsUXXCbHd9xW5ZCbM12PfK7MrK8qhqLMoVr7JeFBAeTwWadCZfZknE2Jta32QppEm54Gm7OrHopuwb3UW5jHNLtVTlElO_XiL64P-kP7PG24MA-5Y...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYBL8o6KggpQ7txKvsUXXCbHd9xW5ZCbM12PfK7MrK8qhqLMoVr7JeFBAeTwWadCZfZknE2Jta32QppEm54Gm7OrHopuwb3UW5jHNLtVTlElO_XiL64P-kP7PG24MA-5Y9A4w5ePko&google_hm=dmp4glmXSE2v0J9xCFmQMg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYBL8o6KggpQ7txKvsUXXCbHd9xW5ZCbM12PfK7MrK8qhqLMoVr7JeFBAeTwWadCZfZknE2Jta32QppEm54Gm7OrHopuwb3UW5jHNLtVTlElO_XiL64P-kP7PG24MA-5Y9A4w5ePko&google_hm=dmp4glmXSE2v0J9xCFmQMg==
Date
Sun, 27 Nov 2022 00:17:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 20E2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN1hL2FgaCQYh9ralHjbiRY&google_cver=1&google_push=ASkJ3FbtTNdTXjeURPaq5CJ1JEvzakcBPDLgkrreywKeZcfrvVRrB7PxejGGtls-T0pSeAsTYtofLlH_...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FbtTNdTXjeURPaq5CJ1JEvzakcBPDLgkrreywKeZcfrvVRrB7PxejGGtls-T0pSeAsTYtofLl...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FbtTNdTXjeURPaq5CJ1JEvzakcBPDLgkrreywKeZcfrvVRrB7PxejGGtls-T0pSeAsTYtofLlH_e7AedmpEocspTMGwD87r10290XkTkuxAVhbtXSRf3Zh0GrNtnV7xHKnJWD7oN9Yr
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODIwODc3NjY2ODExMjA5MDA0NA&google_push=ASkJ3FbtTNdTXjeURPaq5CJ1JEvzakcBPDLgkrreywKeZcfrvVRrB7PxejGGtls-T0pSeAsTYtofLlH_e7AedmpEocspTMGwD87r10290XkTkuxAVhbtXSRf3Zh0GrNtnV7xHKnJWD7oN9Yr
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 20E2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDRG44y_20IXy_kjl1h2i_U&google_cver=1&google_push=ASkJ3FYS1AangmDInC73T2_CZq2-EzFphKqnVyj1pg_h3yU6EBteWwrm4yf-6pfcsVWyG4xeiLHqGsJTEh9Xms2...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dKsCa37UT3F9I8wiSYczX3RaStA&google_push=ASkJ3FYS1AangmDInC73T2_CZq2-EzFphKqnVyj1pg_h3yU6EBteWwrm4yf-6pfcsVWyG4xeiLHqGsJTEh9Xms...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dKsCa37UT3F9I8wiSYczX3RaStA&google_push=ASkJ3FYS1AangmDInC73T2_CZq2-EzFphKqnVyj1pg_h3yU6EBteWwrm4yf-6pfcsVWyG4xeiLHqGsJTEh9Xms2fHbAVY5ENL-WTak54uUlFP6MXt7jj2SjSWFc-H-JZQ1GgWCAeRqjONBox
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dKsCa37UT3F9I8wiSYczX3RaStA&google_push=ASkJ3FYS1AangmDInC73T2_CZq2-EzFphKqnVyj1pg_h3yU6EBteWwrm4yf-6pfcsVWyG4xeiLHqGsJTEh9Xms2fHbAVY5ENL-WTak54uUlFP6MXt7jj2SjSWFc-H-JZQ1GgWCAeRqjONBox
Date
Sun, 27 Nov 2022 00:17:24 GMT
Connection
keep-alive
Content-Length
286
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 20E2
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdpYiqRDostYhO9MJP36wSBcNZW3YvCcDczJf6WagvYuzXYwgP4O19njPr3_Ra4jhHLA6u
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7D2B
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
347837
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 23:40:07 GMT
expires
Wed, 22 Nov 2023 23:40:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 97D6
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthkcisQD1DtUVSj4LI4F7KvxSqX5Tzv33LHlfeqthoQaSJgbbPgYRF3s_TY4mPgseJeZw5vnJKwJoEQjN9AUU9qERiwGVOVUVZK7krYgeq3YfWESz4njz4xBGIKcEEpEa5qKNjDx-zmsmCdnbg6hMg-wEpV4h0ISGaeyIGP5lDb1aCqI_SEiGK5KSmAc3fG3-PvnFI5FGNsPowXeEeZumGSBj00vSDvukJ8SNGxtDYlKMPDTUBfw-hg4DgBEY58PNv7n5klxcVNqsaNiThFpcL4Yno7MflEsfyJ0uwT0MWg6mLs99w5iH9d7RjreMUUyiPiBf0BMI4B_nu7w-pxn5xqDvmx1GfENrAPt3dAHSDindPfen8BpUenmS1XnvDFXbZc8TdY6wnGezcaPG3wu-FIbsUeLQ3Z1_OHNGlxBoYL6CijfGCrbgqkYZLiVTt3lgaje44HjIGoC7eTWhepN5XYcF3gpWjlsGrQlF94WoITcAbpDdAhUN03zqhAp5_EScv6W2zGFoEGvWpgIgcrCC544Bi9guNvlbxjG0mMPWVk7a6dsx4-9hkCShbQVRK3VHm4-3mNd6PhBZRplQBr7J1AVkGqIA1ip34ODsVnf01NlQQ_gU6yE-1AN7yBk7PwVpN5-gTTob8tj6c5EBbI83KHDL7_gCDawbQj_J_pgSAsYOH8aiuA95reWeJqQ1ahGSlv_ZhUlVYpcd_vSEEBWZDzHjS-YzlMVXpGRU3j8U5WOjDP473qRd49PSTk0afP3WSjwHDrOZWPzMSEEUWVVj4SmyZiGvo_DkqfpwM7bXy7Vb9HkPnO36Tzxz0L1aSLa_kSo1U7t8qNYeWJEXBGT6-6HizErN0UjpbGnKcGAIl_U11eprOf-YdZLBAohpSIDGUAvEL7aAAdES6wxeh29aK0dxzNZGYoNlnBgKe1ibZTDjrDlHMdZuAlNhxSeG75H8VgO14eKUsOtj1Z8UJOYx_E9W4WlyWEPT-9_L6sO8r2Bo7oa8K2I4AoNHNhI1zWDw4wsbzSbb17bAlvUmhjRrCdzrnQfQJhSNe2Uc8kljbOrdpbq8cUCWA-E6Kh76qMEjD7Bz4mHkkue5mzzpBWlTffvGME_j6MjxNgPWGfXAt2b0V8l6ZR9piOIOsbHsqrH3gnKrRbqpIXfM1pA7ItGe6yZVn0xCQkM1hnRcR2c35IiA2cxVWiojVOmXzJkOjQNgvM3esW-B_2bOaWefUEzrNuiHzuOajAIX_A1BuwV7EOPiQ95_z8aZzfFQ-&sai=AMfl-YTyXRxWWuD5LdD9NmN7IiDv6rw7z08xjIAPVKr1OEC-HGxWYXqtjRvwRcqhGQrY01aUByYK5U8Y8DgR0xYLmsUo-bByfszrGHxypN4JHoLSzOGdd8qcwSU0saXOqU5UY1nW_HPyLofNAS25a9CnbeKm5Jb-8I3IemqSeHfx_dmHW99u6mCZVBEeWxpzo-brCF3h5tshv0ChMMVekmc_zhSuojJikiKAv-rwysHKuMQL9gfKckTgE5rUz3hiMkd6vrFtLXnbinQ&sig=Cg0ArKJSzLpEi2WqtZqIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=796&vt=11&dtpt=795&dett=2&cstd=0&cisv=r20221110.08734&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkhyY-mcMgx7ZPX80yMe5PxmYhnXiQWV8BfI4wgZlyPp8nfXsAGvZJ4KSSUwa6VXJ5IVwSOy-jC1MN0ABCnZnmpHJ7jA&cry=1&dbm_d=AKAmf-CzBnNE_KnGJIRW5A58SBSPM0r8t7tPLNlW6dY1GwJXcsqKDAgnztWC198JaY80ZtnbwaEYdFqFu0s6XSy1k-eE9ZbgeZrJeVQwdMyN-lK8d7oVMDEJQfP19b2qw-NcLWFenCijaTm5DPGQBzETWSi3SETMv7sQKv2eUJ4DeybzOtGJNcfREG120V_G6TKa5IKx2hJFivaK1BLRp11-LjYBK7gL3vTUjVtnT5r0oceT39MLhoaBGJrL3PerGKeJF8rxaGBUjGl-oLKA-hGxmHp4rINZ2zWKtzA9PETjiRRhAv4OqYYVr83Kk6LlZFcaAGx2as9ovLKwZzKkTXZNEG8BmuSoVejvi_kyzSi_lc_DNvxVWJ2mpvhEuViV_ZPcFhW9QNLVVsVCvl3VxX0HS6Cn9q0msYeBUNA-3Z8DXVM5eCtZDArJgc1jAGnGdk2QGOPx9Ca_Hf31Fw2NzTYRHG_M75I98Ppf0rm97MTPMWm5KzNSzT7HpFxqfTnjUGoVae7USAwST9VOJldFj1Z_3toudb-JVn7u7Q5YhNOasfCmGd4W5MxbJ08MHJkJtUVMH1w7FAzCfAo87LgF0ZfG-yDHmKIFHSwDMEAz_4ztKig2Cqm4A0avbdPdmD9c3fy3wat047xOZ2Er6jMePhSH3h5KsT33-wHINBzFuQLqTL4ZkNmOoLDCumGgq-wmUeb5F0d6rRdgIX7lScE6Eg933hGHdTOSELBDllQfSS6ahIKLObv_gfmRmbNRfJrBbtTSDisTwmwUF4j0hGNpPzzy6K-LZr1YZ_xOLmSJzIl93kQZcXxM6IXS__hZU7cocxsouM6N4KEmP9My_6lokG52uF1m9eMmaCqLAwy2Zjmp9VsClGU0XjTGPjTkSdG8r95nTOATQC3XcrxpjmbAhtthhiwLPb7BhjaxkO_QZ-lnvpjZ3B6ki7wiFvjMEeEznsAW6Y3-xdEPpoio4sFlHDJDnbnV3tCh6V5XevDuvuygK8QqSjXmrSOTDAR78y6-QM8O53illAyoWDCTNL-7bqar6ztU9bMJVFBMoidgQ1GkXfu3RCcDakFhAwN_mQKhzuxa8bHohy1GOcj7bAClOJtmuWM29lHKbNpzxivRlEdBCm7Sz8eqUT0D23QMb8BUQ1k0g6EMx4-UU990m6MrSRGVUaXMCu5TpzFaAXYGcjBD-GnGc9gG9lnKfzoGZrB8Cxr69zhKmEjUbjvaj8o7vyeXKlF-gd7chbVAt1pIu0ScASgdOgmnTsh_-0jWiXZXkaF0MUXom1dyoMGfSsTwD5GG-RoCCKMkcWA7-ycXHQVRp9R7JfG_FH-5FYbBOjHSa9msarxIo-u3kC3gM1dtLu7ZUe3ZEuZZYUVhK5k2KgwSjAb1xREtC4QwTr74yWkcSv3fDwmxYsmrbxlSerHEz1v63YwI8GJ1pspU1Dd7IxYHGkr6Gmfdi6lr0Em2legpzD58rVNwdvseb-PDfndOQTMEVv1pepoVfhTVCF_SIEJaQwF1rHT0COrUCCrxpbc2sek21t9dBZiTzCLACMhN6jTKRdiuiS3bQsXy_w3meKaduqAIphRWGGxiP1BGvGfZUBIXBCtnR8OGUNRkMrrAtE2JLdYxnI_VT6t89PShk0UarOS_CkIgpNN2yQp0C--Ud6GI2U1ve-PFAKwmu8_23dpRa840-PNv4EvdOZpw_GVk3iEU667h0log_wOP4uCHHHBQ5T2h1C9jU155e4KGFelaQHNByRvemerZf-nZh4aIbqCSwWo5iIpa6vOUQa1Ef33VK09b-pfqaQUMmlVM1NneECk3YPeGOkO5ktaKZRcbHDWGobCeMRLXwxNYCf792Ki85QfB-Suucy8NOqUtvocLkOr6mqielIR6Yo8WJY1XgixuvFr61H9SCLLzQLKrhINKAZvsIs7x64HkUyJeSJhkJQXZTpI5WKZxjVNyj5lO8YHfain7HrCnH8DBJIMq5ulimsp5vbbfYlLnYZIPkk9FYbUWeSp1rl5s2uoYNmUKHArUnW0DwTQM38tmrYDKfoCzKKje90TTRfI4TWHXBIShsI4EOJpStCwG1LmdGRXSfK1M9gqZ0pci3Rdh_rRkLkXQ5acPI3N46d_LfTyhp7dy9KyUzyM18VHRrUZtHzemkr5eP7uATGe3KPo8d0shcUYFAa01XyL8mS5JEopAJs_Dl0exQj1nOohv_f0RFlrrNPKxR4pLwtkUKHJa8sdCl12TvAvchUkfk_RbfFQ2wDi_1wnpOi20Q-xUfFmvXvNvn4F1WKC94ll3BGG4RXa8GKs7zwkziddUwnQGM8-eNECGmzQIxs5ny7dFuf-13LolIar0jYvi5goF6_80LQPXU9B5vtyeF6XBSDWVtXq_fXV1jJwrMpZtmkOKUlbDY74HTEQEAfbSZc-jAJgFLr8mNYjVKteXtrWkTl13US0L24FycQTURDs_f0CeSEeCJ02FZhWpxPBFfzaOukG5BKjxSmZ5cxp9XhtJ8hgwo_OKnPjBbifVcBTQbD49x6NjFLUb5kAewoGFDoCVoh2BwUMHKIa1L5ODoSk9s6rwN6wl6TWcrYVVY9mb3n8D58s1GYFJFoZ8UmLc9TAI0WBm2z71cIyw_iq73PejPfuSzYswDg0X5hMds5l5YQCXKCqahZ6NuA0ZUhOZiYvREu3A2b2TCuvp3b8Ndzc2uKCDgwGx4m4OUTUEu9pwip7PIEop5n56ZnW_dk2yk9yfRw4S0ypVlY9Ihx4qOWp_DvrvuNWoa8TMxNFA8m0sNxXLzT5FCo0KBnx6TY0k8Zw_QplTAQgmsoDrqrRQHSLebBYOfMQIQcplAXis119884Hekizny7oCZscHrXm_SDbSN1IcAuXnXvxcUWJeKfwPTSFijLhEeYgl0uJYC9xLIxHj7ujzgNGb4AcG7XAZso1f684T9M-QMs3hAA8_ag2IrLlnvr2hCuOEAD-jlu48arUR4FLlHANC3ULLEYdP0NCqvsAQ6lAFTMPPMDoyUBL3wv4d-nfQu1hrR5EUpMZkHAuzg3pUWyf_5XVBxpn5Nt4DY1aLLX_N_g_LLg12NcvYxxuNSUfWtThBp_NyRMWJ6t62ZBDUIKBA-MHCj94l4DAqy6dTOkr4UMqF7pCjGUtwebV-Jiihn_e8N1B_Zgh__ahO0KGgDtgGWs3SSs_teq4LkbMa_EmLT9hPOSyr8bBkwwO122ZMWgW2irdf0mdgF6Ouohep6D5gPYtcayzD8CFZtIMHNHMLgoN90itr9cIm7jXVlb8p8rwjeLZB0JjKjBZuUhffNfdRh44nuFOhX-iHEAFLI8ilY-XUfKAAj2m2NGqk7JnhDiEigfHIv5jdaG9VGDmCShuPABpUUkHSv75HhBz4YwVocYBhYBMm6pU2&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 27 Nov 2022 00:17:24 GMT
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 700A
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 23:01:25 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6182
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtlrvF4ZU6va4zUy0eT60dQQuzwWzFouKCuHJBjGk5EoLoNx-2rabpow6eE5bnvuGSmvY34kw75S77VF8o5l93XNJv_nAZ7rdcqYcFr-qNDvSwdq9E4O0S3_inYOW1TRa5wWo&sai=AMfl-YSpnXKUe9PJ4Pepx-YGJr4UoG8SLQPqBWEPWofwzJgCBOxWEbL6YqM1vDPQsUNBsyHfRsiOSppUkKRsM5cMlVubju3P_TYZCY2EZmjAGd2GI1zHWDtl8t_iN2GOCA&sig=Cg0ArKJSzNh6qsDEtAZQEAE&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&id=lidar2&mcvt=1002&p=60,450,314,750&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669508242375&rpt=1274&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 7D2B
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 23:01:25 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 27 Nov 2022 00:17:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
294170
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
338 B
645 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0005f19af8a197e861a836aa2d92ba2ff628d5b1d1eadc047215492eca7ad0f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1396985
expires
0
rid
match.adsrvr.org/track/
109 B
541 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
a6a64f6952ceae68d5eadd1daeee70c618f34cde778e5f2c6ce33926d60bfd97

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 27 Nov 2022 00:17:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 27 Dec 2022 00:17:25 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame D7BA
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.199 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 27 Nov 2022 00:17:25 GMT
ETag
"623de86a-cf34"
Expires
Mon, 28 Nov 2022 00:17:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5101
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 00:17:25 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 0A46
9 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-7.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
28078
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 26 Nov 2022 16:29:28 GMT
etag
W/"02a59c9399d935f64b331e61178d2c9f"
last-modified
Mon, 14 Nov 2022 16:28:27 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 57f18a988739f5feaf34dc974846ac6c.cloudfront.net (CloudFront)
x-amz-cf-id
hRyyNjp3XCQUH2rkPDDR30lTIHfj2JUO76aJNS5BHZexctwf076QJg==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:9114884f-60db-4078-afb1-cde242f68696
x-amz-meta-codebuild-content-md5
3d437d58b8bd54e8a0e378e97cd0e39f
x-amz-meta-codebuild-content-sha256
85fe75fc3aebfc86893a7760fc0ac12e3ff269743874600311aae7eb8917fccd
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 9C15
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
851
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7706ae43ac9b1c5c-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 00:17:25 GMT
expires
Sun, 27 Nov 2022 04:17:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame C092
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
d061b3b81dbcb2be444ef17d47ee82a283d5c5333cd82ffc2685bfb4907e2d34

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Sun, 27 Nov 2022 00:17:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 27 Nov 2022 00:17:25 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame AB53
36 KB
12 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f5261e6b5b77b5291e0122f9f72c8be1e4d805eefb45bfc7d0f526315dc29ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11836
content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 00:17:25 GMT
expires
Tue, 29 Nov 2022 00:17:25 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 56B4
533 B
636 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0eccebb7415d5c917a70a6b4326f5a32b22c1eebf205c3859fcbd28844930f92

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
323
content-type
text/html
date
Sun, 27 Nov 2022 00:17:24 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 0F10
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1669508239788
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
index.html
s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/ Frame 2D04
88 KB
21 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
f4c3d2ae0aa42ca94a4dc0e1640116bf41f42653d66db64fed3ff327703816a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
68818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21102
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 05:10:27 GMT
expires
Sun, 26 Nov 2023 05:10:27 GMT
last-modified
Thu, 17 Nov 2022 17:22:36 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F4D5
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQ7IjeqHhYZ2Bt11OjSrh3IQxC_ihIi-nyktN0HlfusJtVrAiVzEKd8GfbCQ5zqslqIyls8Hqn06wBeM02oy_01nKuj4QHBsi1Abm1-67hgJy7SuS1zR-VU9PEfDz70KN3414_20GElpn8WT1kWrMqTleRSkkMJRLaVYV5Rgqi9e0Dt-7shjJequl1Iqy6vQTwNQMrT9oVwRWsx9zD16E_WElwq5LcqNsc4g4X9T7WMC3KoFoVIUlhzjGh8EIxYYVEmaYy3KefDjNZsvSo0eIY56v6BdPsUusObp027ZVoJOp8HGnfhtsAgt2NsSWOZacq7RXOv_ol1NLLGi_AiwngAcEmv2uKyn2XugJ8Ljbu_JaLXoFqVeRb7habFGorZTOxvE3_4YG1nIM733Qk42kQzGmota2lm_fMUkFwaq14UfkrmxUhdXCRaA1OV8RDPZSkdg17BqjJ-BHEJZ8hyojxp_WwtRWPw4J81tb73EyyCxCV-Ulrp6HZB-1MT5keTG-qf00wL5axYPtczpZOyWPA7LSegGbGiXsp3hWvqmBcqBzeRG0IFw479h8HuUzZ0djIT_jL1wobcWPrL45ICJgjzA0QLj9m1vQpzbtWKbdFUMvhQT3FgybI7utJGwjgoRW2t9mVE7NGlN0CiSyDPRRPSTokvyDSsEFXoK8VVqFaiMpiFrAcrFv6i2_wlV586btIHBJZ3t87kbk8PoKDA-pKB7VELQG4MBtgRVPdeNO4DyumJofucNekFhTrnDXiFa36oLaonBgvy0tZIBIujDtY5gpHnG1p_r8fouAVOMf7FIkIKmqYEQQsEA4lYI5vAXmvpt_y6p4OcmCk1FrayF1VxfQc1VQxgml0-N0X8SN6pK0nqA1DALoAgBsb4VO2Xn_cPJ3AoLaKmUshXjiL3bRux74QKpJY-lQJNs7ToyEgk5t9cyHwsQlyf_Q48r6YSbznw1tABTr_EvfSpsaR1FVb6AGULFKv9uiQ5RBtcKnn1NGZjzhpLJqUF80U2yls7bXG4IQvsis35IadA8eDAyPwupVDViAkyf5CPtW6bHGE-LkdyfyxaMhmj-i_Ds93ZEUf-zCm2UhS87ur4pjCG5z9NgRUYweeSWIYk25aDQvwY_1lDaStz6pzm8T2SVLDHUdOAVxSBzNDQRKY3ClC6EdqgnbqIXcAfbMeKjkY6JWUgwuQUoSxy2yF5WoxfuImCblVmWYcsw0rUGIuJCxWQaJcUo3mDpIMSBMAmladji0uXjNjjKFSCvSKJKZYUIQAP6e5tTlyoKbfvEViP8ntia1YcjSg0kg&sai=AMfl-YSuJ1R7C0gmRTaUekNFL5XYcFaQs9VdZNJ_FTN6n7IQndOOMPKhlavi11fqjbTc3kZRrvtbBhf0k5vpWJnnxoGJgrgBHaotccma2PuQmQebmHnWgjNndakyv5Yzx-BQ31l5ttT42YyVo2gi8P0hiHK650IKF8B2EDX4gy6WYD7AA1POWbJQ62ec8SncZilcOqqnfqbacDW1kqgI6G-pilvP3qKXkhgPmRAnMUNRvxluHwTc8nmN8FmOd0dKhiuLAz3AR49imXs&sig=Cg0ArKJSzGpZvUm24DJaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1067&cbvp=1&cstd=1064&cisv=r20221110.30352&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 27 Nov 2022 00:17:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 27 Nov 2022 00:17:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 700A
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVyZmk6yCY4usCNfp9QPvpIToCAAAAAA4AeAEAg&bg=!LyylLGjNAAbvMpMzzzI7ACkAdvg8Wi2cTKfvQwwFRrpvsnw5z6Z9HyO9JsZjjwjx3Y2Hg6_OvRwCEgIAAABIUgAAAAJoAQeZAt2FctWXYwqa8vjK9vkups-13TjxRc0JOsVxR_9h-Dalecf2FJ6RxOTJBp-ZpQwuVxbBcuBgXlEC9Yn_9R5NfVL__s9wlEI0GvV3F_OXYTJOy5IEDlEDdivLnELfSFqS8Vvox12-DWIYn8LdLm3Pa06Hl5MJi5VfxnRfeh7UpqdnithBdE05w9Dy6Sbyy-n5jqCBpIMAMmfGSS6JH7zDIl0_oTMV1kZca198hlMi1N0AUnvyqBk6FgpLGm5LBNzX1JXuHcY5aGMTZFUGVm14xZp_dSXRpwAj1jP7X-_VQ_FVzjvAhtOB87IoiAMsSO1f8X62ggfXwZVGQ8428AfCmWjUbNwUr9u937smBa0tEmDZgyCPAZOwsyzNPQdDuVbervvEnOKQAWXwCpXxcMWldmgkME7N6UTI-NrHylWHidZdyGwEM1hlINysfWsf_IgCqUTJg45TckYsQFQ3_2E51dii6guVEMsuu0QznF8fSenDmREkkiHP5Qt34nmEccTb_Kn1l0NcrJKew46UTTfC3Ss3pYEBfEMoipjRhMVfiG8ee6YRSiobqAhSghBT9WQmJsRnNaWnzbXjEGtHny-DLl7KgXaKeio9wv4oMAE8_qyrKuhNCGuw7UGm6pkOKQ2zGZDQ_yVhSnfLr15qH5qk3axxxGXjNQmG5owN14pBf5u0L_bt47c9UHbZi_8RR74Zvg_XVRJd4C_chzh76e9lgR8YSEZkV4sFe1-KjUqkJNSIOVypR-NFqJ4Vf-o-wq8mcvrfHwtrRVZPK7W0_R9FgSNMvS9eBky9gX5aS13uth5ovdkbPnGsCP8bDfGFDJsMfEkWW042u1LsbKrZMlCLM7pOFnZ10J12bR1wwcOvbogElQ_NI_HuiOD1BTVWfBBO-WxNDqWqkD8z4ThONs8b1WWrrNbNWB2upFiNCs2SwVHdWY8iBRBfvT4O2ck5SCVVhoaE2bDKISIEN8EtH-zb
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 56B4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4537025322566496957&gdpr=0&gdpr_consent=&us_privacy=
43 B
122 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4537025322566496957&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4537025322566496957&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 27 Nov 2022 00:17:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 56B4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=7bd80c90-60af-79ef-d905-f8ba2697a2eb&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=7bd80c90-60af-79ef-d905-f8ba2697a2eb&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=34f39761-0016-448c-b60e-9f4dc4c42967&ttd_puid=7bd80c90-60af-79ef-d905-f8ba2697a2eb&gdpr=0&gdpr_consent=
43 B
249 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=34f39761-0016-448c-b60e-9f4dc4c42967&ttd_puid=7bd80c90-60af-79ef-d905-f8ba2697a2eb&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=34f39761-0016-448c-b60e-9f4dc4c42967&ttd_puid=7bd80c90-60af-79ef-d905-f8ba2697a2eb&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 56B4
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4KslcCo8X8AAGbqLtAAAAAA
43 B
106 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4KslcCo8X8AAGbqLtAAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 27 Nov 2022 00:17:25 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.208","key":"Y4KslcCo8X8AAGbqLtAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad214"}
X-SO-Key
Y4KslcCo8X8AAGbqLtAAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad214
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4KslcCo8X8AAGbqLtAAAAAA
Cache-Control
private
X-SO-HostName
m-ad214.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-IP
116.90.74.208
sd
jp-u.openx.net/w/1.0/ Frame 56B4
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbOaAJMOpLIDks8ADxwUvgT3p88AAAGEtnIpzQ
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbOaAJMOpLIDks8ADxwUvgT3p88AAAGEtnIpzQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbOaAJMOpLIDks8ADxwUvgT3p88AAAGEtnIpzQ
cache-control
no-cache
content-length
0
x-amz-cf-id
Q6kTMtKFXTCNEjMyQ2OgD-d632-WvTgFVRdiVdJE2RmXWBWj3GR_8g==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 56B4
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTdiN2RmNWEtYTlkOC0yNzRiLWNjZTUtYTIwM2VjNzU2Yzhi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 56B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEHq-THlu7XoZHrrYV7r2Ag&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEHq-THlu7XoZHrrYV7r2Ag&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEHq-THlu7XoZHrrYV7r2Ag&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F2FD
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e98fd90c0adee3b439fb1de33aa982d1c9bb78abf231165337b2882cb08395

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7706ae463dec1c51-AKL
content-encoding
br
content-type
text/html
date
Sun, 27 Nov 2022 00:17:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5DkqP8BqWVq1lJvCC0bLdtF%2FNDFtTB2m8eDe44yEMeZCAb1vdejNf00hDy3kZWojeVqLQU%2BhXVl%2BymDdapBHOlAiimwFO3KfSkofJdoWqJz1%2FTLaWTVXpqBNhQB5L3Rl%2Bt0x9K4ZO%2F1eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D2B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaOaVk6yCY5uVB8WuwgOzoYD4CAAAAAA4AeAEAg&bg=!GxilGFzNAAbvMpMzzzI7ACkAdvg8WihaCAXk-51KhzM574MM8_-Zx6sZJRinX1Httfl65T-LP0aW2gIAAABHUgAAAApoAQcKACBPUUAXEc22yvbfDh-iKYZWsXko8qkZPDgkkRkKnIPMeZkC9FKEn5JQjwIABBkeX-CtJvuzCOhSl9lwl2jhAazu_9pRNeN1EIdBFN3gyIwJg-teoSlTIEPocxMzvjlLvpZM9Ve9SDTdf11b8pE3NMPrAIld3MwKyIHOvhf7tC0j4Ab6r2R07vVUeq79A2gHthcuBBZZRhXqxQgwlC6ARORtEsU39z3JvSf3UgJgdszwEBAH6ycd0nU35Ja-RovHYIBVdkEnTQIwrv1Ks3j5Kg6d302Tl7YkrZ8OpIfj8xwzXtiDvCHIh_YdCwJV3VCLXTWNqOwDe3-1xjcYsek4jYup2YMc2CRYnimzCqB7GSWj2QLaUahkItfdMGudgCl3neb9ewg61LbY9CK0GKa4zR3ws-0ynRat6P5AwaVQ7JSRv-qHokGtwKvhlLc23NNvnNkJtzKhqICFawdJ9Udt97opjYKA2nWGRGh7b8zw5-UytEKjqnWmoB8D0sQWfA8QSrdktm8hqKEGLjtpfa13sRLOlUF1rEkiCOY5KgIpYsQXwHL6HXPxa5M27W1ULaTJ1mq9yYYHeL_lGH5xAElHRDRz-wy_f7_jGv1pQBpoTC3Bj_njWIIRK0PQl3_mjCPR2mLuVz3s1hk2fOfTHMVeSQSp6BVqC0ZHakRSH-eOUTEO9Vm6a0pfrbv8AqDrg_XWwNWddUvv_IeQ2ySdwVuT-X5LnWNBIDv8HGD2K8jn1YpAGDJ26FsoL4yhZEN5Fcl0LgMe4-uo4MG7GUnBrIQgIIiSz_a_RuXwHvuPE_rw3w3pBkvIN6JwQqms8j669ADIl-z8f5uSYPT6A8Sl9ujAlnmN5-cBv4KfW6GuRb6SDndNC4cboTk3leqeUYCsS_n861XO5t4j_7sRRYEoctZq5x5RkcrlErFybqA3ssMY-MLNGdim2bVEpMo8LduzvzfFb11uub-EupIWUMoHW2zKGuhRtbN7jFm3dLaLstxOpGgpYorq-w4jOBFEqJ9MvpEg3JJIAsa4TK1cL15aTHBP-ckxdxLjdP0Sjw
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F4D5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPPLqNSheGIDf6EO2V44oTrDtZQfXvCjVf59IcCf3NOpzOvAH9Lel-q95Szbqd3G6v0NghO4NKStCWXkr5TAUkMPWVX4grvCOO_I7ehBD2G_W6RQSBhGIbe3yn079zsRD6HQo&sai=AMfl-YSANNNfC3cTnf1giQl1HWYcfQX8ZQhcbaudLxcCSwoTuZiNQaHWlu-jPFiplpUebAS7JQrOGtmm8nX0rrStalaagjgKyHE2b341OKhSqeGFs2ND7TAZp6_kNX2R8A&sig=Cg0ArKJSzA0OHzdLtxqdEAE&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&id=lidar2&mcvt=1018&p=1110,436,1200,1164&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669508242391&rpt=1747&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 2D04
29 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 17:33:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 27 Nov 2022 17:33:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A67A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1713591695959193&bg=!OzilOHzNAAbvMpMzzzI7ACkAdvg8WkCGiQIV_BGuJfkBcW8oNLpMb1IfNLZ3cgQ5hTlPYXnxIKl4iQIAAABJUgAAAAJoAQcKABgpX3AyDHCD_ABvTFM2SYHyFxS7nH1gy3iZArAa8QeFmfjuK-Zd316v_Ob5iiJ48Uuy0uHJvOgX4e1K1wYQbqykvuF_67kr3cMYY0gvhQ8X6Wz9xIhO9COYn0BBKz6SdB5cKDB-YqcIyMzOh6MHHfZbYG1riLlpTv8jdJhxDHPvZafCcLdyfCEmBF6P4Y5IQkYZK6Cdwq15Tjm544tVhy6dauZ-wHeHTU_P7Lc-86LHC_g1z-G9pY_rS_ycCQ0CrfmR_rW7VQIW8PE_O7FMl5ZSh71lRhYkRaauptONd_ZcSO_RpZ3Ez9mpOrfWn5S2lFTfX1BIjEeS25KvCGqcSbZ60zPZyqzxq0SCAPWfH-k1gSFWXAPS7VSv0QehubDxNvZYUYURMyYHADiTB-DCLLeLbJUamOG4cumomqx3s-jyXJQysjlFN3EKypVzordUjgPJzJ-Va5sGtIs1KxATuCshRLRoCkWn1SekjsVvpYNo6zbhTMCwS0cIlgaiUxAQi2TbUkBEYHddyoXgSm0qgHsHM5PHH5OLYsh0TE9Mw2_jWauV1qlF3Gg6vXaZoi5XjoNrBTcxEtLEmSuZDJwDtkVjifOQG7Saqaf1U7agKvbvpBN3_olwzta2IDu-Wt2NB52d4mgJjZYOGcYWQTRaiyWLtr3JXyIWzjPgd9caPbf0SW8Zy7-_hnE-NUjqRQtiOrmh5ks1M4jUQb2QatWw2r2ybvBko0SWsM0l_MkR-8mYDwpLlRjcx05dw6iT-DgyTJT7TYfizBdYnobwyvBegavXZvyWxPIXZrFtSaN587zMMwwl92_aiPIGxgkE5uoLoMf5-Gmqrk8vJ43kLOv83Z6xEWgP5Rq7Bx1hcGCAMOYVeJCIJ-DYkrF4qB8roMhP00_vi7UobLUv3E8uSd2l_cRCBhWZQuv9qG0C2f1iMd2_Lp6PhRnq06peUyUj
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

view
googleads4.g.doubleclick.net/pcs/ Frame F4D5
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQ7IjeqHhYZ2Bt11OjSrh3IQxC_ihIi-nyktN0HlfusJtVrAiVzEKd8GfbCQ5zqslqIyls8Hqn06wBeM02oy_01nKuj4QHBsi1Abm1-67hgJy7SuS1zR-VU9PEfDz70KN3414_20GElpn8WT1kWrMqTleRSkkMJRLaVYV5Rgqi9e0Dt-7shjJequl1Iqy6vQTwNQMrT9oVwRWsx9zD16E_WElwq5LcqNsc4g4X9T7WMC3KoFoVIUlhzjGh8EIxYYVEmaYy3KefDjNZsvSo0eIY56v6BdPsUusObp027ZVoJOp8HGnfhtsAgt2NsSWOZacq7RXOv_ol1NLLGi_AiwngAcEmv2uKyn2XugJ8Ljbu_JaLXoFqVeRb7habFGorZTOxvE3_4YG1nIM733Qk42kQzGmota2lm_fMUkFwaq14UfkrmxUhdXCRaA1OV8RDPZSkdg17BqjJ-BHEJZ8hyojxp_WwtRWPw4J81tb73EyyCxCV-Ulrp6HZB-1MT5keTG-qf00wL5axYPtczpZOyWPA7LSegGbGiXsp3hWvqmBcqBzeRG0IFw479h8HuUzZ0djIT_jL1wobcWPrL45ICJgjzA0QLj9m1vQpzbtWKbdFUMvhQT3FgybI7utJGwjgoRW2t9mVE7NGlN0CiSyDPRRPSTokvyDSsEFXoK8VVqFaiMpiFrAcrFv6i2_wlV586btIHBJZ3t87kbk8PoKDA-pKB7VELQG4MBtgRVPdeNO4DyumJofucNekFhTrnDXiFa36oLaonBgvy0tZIBIujDtY5gpHnG1p_r8fouAVOMf7FIkIKmqYEQQsEA4lYI5vAXmvpt_y6p4OcmCk1FrayF1VxfQc1VQxgml0-N0X8SN6pK0nqA1DALoAgBsb4VO2Xn_cPJ3AoLaKmUshXjiL3bRux74QKpJY-lQJNs7ToyEgk5t9cyHwsQlyf_Q48r6YSbznw1tABTr_EvfSpsaR1FVb6AGULFKv9uiQ5RBtcKnn1NGZjzhpLJqUF80U2yls7bXG4IQvsis35IadA8eDAyPwupVDViAkyf5CPtW6bHGE-LkdyfyxaMhmj-i_Ds93ZEUf-zCm2UhS87ur4pjCG5z9NgRUYweeSWIYk25aDQvwY_1lDaStz6pzm8T2SVLDHUdOAVxSBzNDQRKY3ClC6EdqgnbqIXcAfbMeKjkY6JWUgwuQUoSxy2yF5WoxfuImCblVmWYcsw0rUGIuJCxWQaJcUo3mDpIMSBMAmladji0uXjNjjKFSCvSKJKZYUIQAP6e5tTlyoKbfvEViP8ntia1YcjSg0kg&sai=AMfl-YSuJ1R7C0gmRTaUekNFL5XYcFaQs9VdZNJ_FTN6n7IQndOOMPKhlavi11fqjbTc3kZRrvtbBhf0k5vpWJnnxoGJgrgBHaotccma2PuQmQebmHnWgjNndakyv5Yzx-BQ31l5ttT42YyVo2gi8P0hiHK650IKF8B2EDX4gy6WYD7AA1POWbJQ62ec8SncZilcOqqnfqbacDW1kqgI6G-pilvP3qKXkhgPmRAnMUNRvxluHwTc8nmN8FmOd0dKhiuLAz3AR49imXs&sig=Cg0ArKJSzGpZvUm24DJaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1646&vt=11&dtpt=579&dett=3&cstd=1064&cisv=r20221110.30352&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 27 Nov 2022 00:17:25 GMT
logos.png
s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/ Frame 2D04
6 KB
6 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/logos.png
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
b771203e1a04667924c621eee87befe31b5d2f22ee4d34a0f4c95613af11d157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 18:24:56 GMT
x-content-type-options
nosniff
age
107549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5781
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 17:22:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Nov 2023 18:24:56 GMT
precio.png
s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/ Frame 2D04
5 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/precio.png
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
a327ff5bc384f38e4ef5b88dd25812a252b6ff52b4f3a6e1b2133df16919708a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 06:07:03 GMT
x-content-type-options
nosniff
age
65422
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5065
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 17:22:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 26 Nov 2023 06:07:03 GMT
fondo1.png
s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/ Frame 2D04
12 KB
12 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/fondo1.png
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
f5547bf768c4023a796160344735f8e550d73990127162854df18f827e4ecd74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 18:24:56 GMT
x-content-type-options
nosniff
age
107549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11850
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 17:22:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Nov 2023 18:24:56 GMT
foto.png
s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/ Frame 2D04
39 KB
39 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/foto.png
Requested by
Host: 094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
URL: https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
deef0ca154571e17a9007a38261b3aefeaf393f6c28e8bd5734687020b2bf6b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9697978085941395562/CV~Checo_200_FM~BAN_728x90_FF~17112022/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 18:24:56 GMT
x-content-type-options
nosniff
age
107549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39752
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 17:22:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Nov 2023 18:24:56 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 97D6
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueasU-P8lg9J29Rld5b_T3_JnDCmSfHu1Tg-UoSKfgXvGOz25Ovu3y1MIF6DOAfZzZSXRG2vYYCebNYEjmQQDvp1mY-bXpaYtyM9lkB5kZI6s9UB1DINv_ryMc_r47aBc8-hw&sai=AMfl-YTXpw0JOlnETWicmBYqFWkuPsB7sAznHJwt_8GqSjKbZSuTfHiyKDc-WI95gDDmbrdF1vQg-8cU9VQVZQVBpfdDRDGxCEXPBWuhJZyVF3EZu8KiFL-xE4Nv-54CIA&sig=Cg0ArKJSzEhFo23zWRhnEAE&cid=CAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669508242396&rpt=2102&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ Frame AB53
61 B
301 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
279927
expires
60
usync.html
eus.rubiconproject.com/ Frame E027
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 00:17:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 27 Nov 2022 00:17:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 4575
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Drkt%26refUrl%3D%26vid%3D950824560931250984574448380...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3125098457444838000V10&type=rkt&refUrl=&vid=95082456093125098457444838000V10&ovsid=1992631737882419638
0
0

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6EE4
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dpba%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=77917
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 00:17:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 27 Nov 2022 21:56:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame AB53
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dapx%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=apx&refUrl=&vid=95082456093125098457444838000V10&ovsid=6028598553993587893
45 B
453 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=apx&refUrl=&vid=95082456093125098457444838000V10&ovsid=6028598553993587893
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 00:17:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 27 Nov 2022 00:17:26 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:25 GMT
AN-X-Request-Uuid
60656747-c837-4df1-95cc-4f9d2ca59554
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=apx&refUrl=&vid=95082456093125098457444838000V10&ovsid=6028598553993587893
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame AB53
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3125098457444838...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3125098457444838000V10&type=opx&refUrl=&vid=95082456093125098457444838000V10&ovsid=b3f4650f-cbaf-430f-ba4a-86d494783037
219 B
219 B
Image
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3125098457444838000V10&type=opx&refUrl=&vid=95082456093125098457444838000V10&ovsid=b3f4650f-cbaf-430f-ba4a-86d494783037
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 00:17:26 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Sun, 27 Nov 2022 00:17:26 GMT

Redirect headers

date
Sun, 27 Nov 2022 00:17:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3125098457444838000V10&type=opx&refUrl=&vid=95082456093125098457444838000V10&ovsid=b3f4650f-cbaf-430f-ba4a-86d494783037
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame AB53
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dmma%26refUrl%3D%26vid%3D950824560931250984574448...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=mma&refUrl=&vid=95082456093125098457444838000V10&ovsid=88876382-ac92-4300-a95b-e8bf0e6e3a9b
45 B
465 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=mma&refUrl=&vid=95082456093125098457444838000V10&ovsid=88876382-ac92-4300-a95b-e8bf0e6e3a9b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 00:17:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 27 Nov 2022 00:17:26 GMT

Redirect headers

Date
Sun, 27 Nov 2022 00:17:25 GMT
Server
MT3 169 32252b7 master hkg-pixel-x7 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=mma&refUrl=&vid=95082456093125098457444838000V10&ovsid=88876382-ac92-4300-a95b-e8bf0e6e3a9b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 27 Nov 2022 00:17:24 GMT
RX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004
sync.targeting.unrulymedia.com/csync/ Frame AB53
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dr1%26refUrl%3D%26vid%3D95082456093125098457...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dr1%26refUrl%3D%26vid%3D95082456093125...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2991982393
  • https://sync.1rx.io/usersync/tradedesk/34f39761-0016-448c-b60e-9f4dc4c42967
  • https://sync.targeting.unrulymedia.com/csync/RX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dr1%2...
0
0

cksync
cs.media.net/ Frame AB53
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzEyNTA5ODQ1NzQ0NDgzODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBVW14DEv0x37uikZKCDo1k&google_cver=1
45 B
610 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBVW14DEv0x37uikZKCDo1k&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Sun, 27 Nov 2022 00:17:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBVW14DEv0x37uikZKCDo1k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame AB53
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Ddxu%26refUrl%3D%26vid%3D95082456093125098457444...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Ddxu%26refUrl%3D%26vid%3D95082456093125098...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=dxu&refUrl=&vid=95082456093125098457444838000V10&ovsid=Exll8OJB1OZ5mm5
45 B
452 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=dxu&refUrl=&vid=95082456093125098457444838000V10&ovsid=Exll8OJB1OZ5mm5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 00:17:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 27 Nov 2022 00:17:26 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0b7d7e75c35afaec7@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3125098457444838000V10&type=dxu&refUrl=&vid=95082456093125098457444838000V10&ovsid=Exll8OJB1OZ5mm5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame AB53
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=686e4297-e1e2-4509-a07f-f4d02f5b052c
45 B
614 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=686e4297-e1e2-4509-a07f-f4d02f5b052c
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.50.118.44 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-118-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 00:17:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 27 Nov 2022 00:17:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=686e4297-e1e2-4509-a07f-f4d02f5b052c
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1010124
content-length
0
expires
Sun, 27 Nov 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame AB53
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D766a7882-5997-484d-afd0-9f71085990...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=88876382-ac92-4300-a95b-e8bf0e6e3a9b&expires=30&ssp=medianet&bsw_param=766a7882-5997-484d-afd0-9f7108599032&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=766a7882-5997-484d-afd0-9f7108599032&gdpr=0&gdpr_consent=&gdpr_pd=
0
0

23178
stags.bluekai.com/site/ Frame AB53
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dzem%26refUrl%3D%26vid%3D95082456093125098457444838...
  • https://stags.bluekai.com/site/23178?id=KW_4f8o0NfAuw9VHYLAV&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
0
0

sync
rtb.mfadsrvr.com/ Frame AB53
0
0

um
cs.emxdgt.com/ Frame AB53
0
66 B
Image
General
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Demx%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.4.49 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:27 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame AB53
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=34f39761-0016-448c-b60e-9f4dc4c42967
45 B
621 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=34f39761-0016-448c-b60e-9f4dc4c42967
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Sun, 27 Nov 2022 00:17:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=34f39761-0016-448c-b60e-9f4dc4c42967
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
xuid
eb2.3lift.com/ Frame C092
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=34f39761-0016-448c-b60e-9f4dc4c42967&dongle=0cfd
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=34f39761-0016-448c-b60e-9f4dc4c42967&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 27 Nov 2022 00:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=34f39761-0016-448c-b60e-9f4dc4c42967&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame C092
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgyNjY3MTUzNDM3MDg2NTk3NDU3OA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame C092
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE4C4b5xasibsEgom55J6Wk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE4C4b5xasibsEgom55J6Wk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 27 Nov 2022 00:17:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE4C4b5xasibsEgom55J6Wk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C092
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgyNjY3MTUzNDM3MDg2NTk3NDU3OA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgyNjY3MTUzNDM3MDg2NTk3NDU3OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgyNjY3MTUzNDM3MDg2NTk3NDU3OA%3D%3D
date
Sun, 27 Nov 2022 00:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame C092
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2826671534370865974578&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2826671534370865974578&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2887543e-caf6-4b8e-85d8-e39181454466&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2887543e-caf6-4b8e-85d8-e39181454466&_noobservation=1&_expected_cookie=3173b25...
43 B
141 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2887543e-caf6-4b8e-85d8-e39181454466&_noobservation=1&_expected_cookie=3173b257346f719e852e9b06547be3b6
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sun, 27 Nov 2022 00:17:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7706ae51cad5a973-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=2887543e-caf6-4b8e-85d8-e39181454466&_noobservation=1&_expected_cookie=3173b257346f719e852e9b06547be3b6
date
Sun, 27 Nov 2022 00:17:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7706ae504914a973-SYD
content-length
0
xuid
eb2.3lift.com/ Frame C092
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2826671534370865974578&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=8e054f76e85c43faa01ab42d082b97bc&ssp=triplelift&bsw_param=766a7882-5997-484d-afd0-9f7108599032&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=766a7882-5997-484d-afd0-9f7108599032&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=766a7882-5997-484d-afd0-9f7108599032&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 27 Nov 2022 00:17:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=766a7882-5997-484d-afd0-9f7108599032&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sun, 27 Nov 2022 00:17:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame C092
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2826671534370865974578?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-2hszZpJE2oQnfQkJhVuBjM_9AqH1kY5r0tfXbTUdFQ--~A&dongle=0883
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-2hszZpJE2oQnfQkJhVuBjM_9AqH1kY5r0tfXbTUdFQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 27 Nov 2022 00:17:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 27 Nov 2022 00:17:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-2hszZpJE2oQnfQkJhVuBjM_9AqH1kY5r0tfXbTUdFQ--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame C092
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2826671534370865974578
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2826671534370865974578&dcc=t
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2826671534370865974578&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B711GZW2F86Z4H679KC1
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2826671534370865974578&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame C092
42 B
667 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=2826671534370865974578&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:26 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A7AF0C4B7DE24703B68C5EE254CC9643 Ref B: SYD03EDGE1708 Ref C: 2022-11-27T00:17:26Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame C092
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6028598553993587893&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6028598553993587893&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 27 Nov 2022 00:17:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
AN-X-Request-Uuid
29024de2-53d1-4c0c-8fa2-d6d76d551958
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6028598553993587893&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5101
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
eaf4072a538faf5ef9905376635ccacd8cff466648f4d1a77b76b487706131af

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Nov 2022 08:11:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28462
Connection
keep-alive
Content-Length
10065
Expires
Sun, 27 Nov 2022 08:11:47 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame F2FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH99jElH_W7YKFZnLZEzZnA&google_cver=1
43 B
840 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH99jElH_W7YKFZnLZEzZnA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woikLoaGQO4kJ8UEW2iD0NrfUqWVXZBU5drw7UoVHaXlaOfdIWR5j1Qf2Cb%2F5Zi6xBwW6hnioWsDSCqsvsww3kWXGy26sS56uJeCETQC8DyOcsJR8riFbcQkTqkCjDtnhiCpk2tTWTr%2BxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7706ae4a8fad1c54-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH99jElH_W7YKFZnLZEzZnA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F2FD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G6Q480G0CT8QPEH56XT0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7WZJY1XYQZMZ0X4K85SN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F2FD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=34f39761-0016-448c-b60e-9f4dc4c42967&expiration=1672100245&gdpr=0&gdpr_consent=
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=34f39761-0016-448c-b60e-9f4dc4c42967&expiration=1672100245&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=34f39761-0016-448c-b60e-9f4dc4c42967&expiration=1672100245&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F2FD
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.252.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-252-98.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
/
csync.loopme.me/ Frame F2FD
0
40 B
Image
General
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 -, , ASN (),
Reverse DNS
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:26 GMT
server
_
crum
dsum-sec.casalemedia.com/ Frame F2FD
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DE657C3EC0754347B9A8AB4FAA85442D
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DE657C3EC0754347B9A8AB4FAA85442D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

date
Sun, 27 Nov 2022 00:17:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DE657C3EC0754347B9A8AB4FAA85442D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 26 Nov 2022 00:17:26 GMT
rum
dsum-sec.casalemedia.com/ Frame F2FD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=dKsCa37UT3F9I8wiSYczX3RaStA
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=dKsCa37UT3F9I8wiSYczX3RaStA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=dKsCa37UT3F9I8wiSYczX3RaStA
Date
Sun, 27 Nov 2022 00:17:25 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
tp_out
d.adroll.com/cm/index/ Frame F2FD
42 B
181 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.12.96 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-12-96.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:26 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame F2FD
43 B
353 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y4KslD7BCQcDcBfYYZ6kdgAA%264731
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:26 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43223
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7706ae4cbb5b1c58-AKL
content-length
43
expires
Mon, 28 Nov 2022 00:17:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4B4C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=663942046339342&bg=!k5ClkNTNAAbvMpMzzzI7ACkAdvg8Wqb4-es8n_Cjjmvuo_LlJGoCGq-MSGO19kV4WE6KqaEAHW_jlAIAAABnUgAAAANoAQeZAuEzVgbW0EuN5218P6iOtZsRAYOG1jtQhqtjGQaKZ_0rsaZUQSkAN3twYkh9_LrQFwjqpzxUwdQUIKOQLq105XwmO2hFJUsfb3O5qqtfOvx1KXNmIHkcZzXAb7U50a1_a5Yt8FvXBZk95tos62SG0NUqftx5uXqbe_6GEf8jGBXNjB-KxqRLf9DH8YeYIYUr0_9PLGYTOovT5wXFO9Hz9XAPQaHHw3FPIHxVk7FvAxTZje5nGtBQCq6mk5wm0U7cs8BtS6oZHAR4Txzs-sKB0HlRgc08MCGruARWyrv54_nO5-lPD40yGi2jVNhB21zDtSS_5W9j7XSgSwmeQdx_Wp1pMOtIxpPkZOA62Uw6fFp5l8wzROo4JyptEiWagmpQduQqF2kTFCljPFAspLaaz-16LxqiL258bhhtkk5sprvcSp5BMgtHXLntw5BeEnuX34ZgYmHJ7jZJ5vubIVQygc2Lq2gGFxtDAcu7XV9MWlR7zxRN3i7SLIv-TUTUsM3NVD2H6CQEzToQrCJelnqER4Y13YfzerQ77a0YK2tqshpK-ePiz8oobRfFh2wQagQ7yBdyv2UEW7OajiNroXMCQE2n0fvIX0Kcf1MsqH5XznyTopOy-Ba96-ckclKWCRz3M1bdJXZCUFMHDKzRBNKFP5GkPAiebtfz8HJkjm1-O8oR6fsmHQqUidbBV8B_Pn8uiGtqMGSviXGCgC7x6m1bSvvK_2Ncgk2XMvTivgG3WUD4lRZ4Z8M2Zy2bFujjGKiSVh60i5OtdTJfwAQyivhI-wS4wVQOL0olo-8CZFkPYZ3BVshp-iXjNXyC_5QSOIMyf7Sm3KZthzbUYJFxvL_-mEzPJfFmV3OUm_uc9aLY1NT2y_jLSKl-XrCLbNPX32DaIzWUHABozFuWR_LMA29-KyuEq0pQHnJVGT1OEqtZm_srnH82vXFplQgSTGfIOikZk6LgN1WKJt0WnwaabY4ONHWROQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

async_usersync
ib.adnxs.com/ Frame D7BA
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
AN-X-Request-Uuid
f8a56619-8a9b-4843-ace7-91c48b22f4cc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 58A3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=506911142357986&bg=!GRqlGl7NAAbvMpMzzzI7ACkAdvg8WmDYGvcs2K7BNRGN7iVGQoT48giXxjA-k2RSRpbERAsi4bahLAIAAABcUgAAAAJoAQcKAKX9_L0bbP7e6SPy91fMhQl8ZQQaBQr7gmGEHxq4fZaGHedp6m611vCU4MEMSiG0sEwj7Hx47EXXccR40OAtXoV3OsLghnmiFvfyl4pZUQUwPumwTHPq1lB91i03Hl4VBIX5WeHLz5hZztLw-_TlbKJxp4iUWE6FgsaJJp-iVgSiTA8UTXgWJ9wO7tr2A6xVuAQ-k2NMcLZcCzrqf1iqyius_B5WyzWZAseZdEcG-iO24YpXebM-pIiVWVOccsSIKfyfW0uxLyijKGcyRrp0s596N_IwOqGd2__SVa-RGMN8eirZR8oKUcRQJ3wyCxLnnXyexgs9Fgtt7iChxFreAaBRu4amovJO8rdEejaWeV7N9yQZnejkuT1kS0v2paaRX_5UhOqEDm3EG8gjfLw-s6ALwD9TAy4i1UTxGDcC_UOzZWF1V1zcCj7YUXqkvNZ7HaYT5bgRK2wNqIrpSHrQhhKiAzqdjVKG1iNk_E_i4l0LEE4IlVyBUeBPluQAasHcVcsEzIFEzb0cJZXur51nRFqLvT3nLq7qGP58jjlxYNfW7Oy-DUmqmFL2FGmVqgMGyhJS_1GhCzUxg3r-2lzBeiNVpi9YVeNJtkSdSf5XuBQWh9EpOXB7zo3p1kWonNObfmfXVmyvjLimgAf_ch3uiQ7STAjMuuhMrD67SL_19s2r6njUqKjAspdV2fCsJ0x20ismX14_IrhAHm7VlgY7R0_9i_HbEytGz4OMhYNm22GwV-q8mLED8hr6SiX6-I3mvzA1waCie1kMoWhIw3nlLZNCp69GMHSPuvPNBUEzEQLgdPdtvNOvpj0wNXp90pcuoL6ljzOBiu22s8CQ2cbh1vonzty7Cf6Nai3WIj0VPW3inWKuwP_7LJ7Bu2PtKobynRACO8qDTOI7WiS5Tqsf0iePK2e0ZuRRDyi9y5Igl0puc2Dq9A57jiIZV9k6dmF4uScxUhgcMOJTxEgq_XDcE9VX5InLyxbwQQ7_OIHc26vAcqj8ZE3RZgUMhByHFBjYLfar-rk9VHKfTwepkOiKDW7iTUw3TLc5G4kbM4kO7v4xw-FcAlV8br0uMoy2gYU5nUpxPJpEiX-Smuetg6xRLOiN54FesUfJup_OFY1F_qilQlB9BkvKRMp3-7GiuNLiVg55vqhDqBUc4JBbu2jN4LU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

13926
g2.gumgum.com/usync/ Frame 592C
5 KB
2 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.55.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a3da64e3ee15cfdc3371ed75bbceeae768b5463cb92222ab20ad4b1dd5c26f9a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 27 Nov 2022 00:17:26 GMT
etag
W/"05716b18a632989d6b32ce08fab00fbfe"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 5179
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 7AA5
933 B
1 KB
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
45424b377bb7c4c9662c96cc7f056216f5013f59ca104e72d86a0b5407f6fefe

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
933
content-type
text/html
date
Sun, 27 Nov 2022 00:17:26 GMT
usermatch
ssum-sec.casalemedia.com/ Frame AFCC
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d041975ccfe382302df8d96afb7d06792fe848b78279a8eda741c6573240c877

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7706ae4a8fab1c54-AKL
content-encoding
br
content-type
text/html
date
Sun, 27 Nov 2022 00:17:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGvLgz7Im5G3heWHxjGcx1KxxbyzPjh%2FIjTCXxsVHfCjIEVSugLoHwGyC3wfo8Syp1M6r9gOXAKkS4IaGF1cWK3%2BMgfvfY3GTZMpY89rcOelNz7Ghbl9us2KILFwkr%2FOZW2o7pUcj5y%2BXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A4BB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 00:17:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 27 Nov 2022 00:17:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B0D0
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=77917
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 00:17:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 27 Nov 2022 21:56:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame AEB9
5 KB
5 KB
Document
General
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.48 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa85d5ec0835a125e65353bd33afd844c68400fceb0075d1aa413c01e3fd98d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Sun, 27 Nov 2022 00:17:26 GMT
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
x-amz-cf-id
UK4yF172GSVXfJkW3lIUsNmrD1Np4mhxQAL4gILpF3-9FKxJnEzluQ==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame 0A46
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6028598553993587893
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6028598553993587893
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
AN-X-Request-Uuid
44a761b2-ea5e-4293-809e-188810c94372
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=6028598553993587893
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 0A46
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=Ft-xCRZHUN4W9OsERWOmjoI9
0
0

sync
ads.servenobid.com/ Frame 0A46
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=Ft-xELZHekBFlomqQtSF_SWP
0
0

RX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004
sync.targeting.unrulymedia.com/csync/ Frame 0A46
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1669508246442
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4514317990
  • https://sync.1rx.io/usersync/tradedesk/34f39761-0016-448c-b60e-9f4dc4c42967
  • https://sync.targeting.unrulymedia.com/csync/RX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dr1%2...
0
0

sync
ads.servenobid.com/ Frame 0A46
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1992631737882419639
0
0

usa
sync.go.sonobi.com/ Frame 0A46
0
0

redirectuser
ssp.disqus.com/ Frame 0A46
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3463%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Da5167e1d-5a07-4d0b-a2a6-1400ad32ab5b%26bidder%3Dappnexus%26cbx%3...
  • https://prebid.a-mo.net/cchain/0/3463?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=a5167e1d-5a07-4d0b-a2a6-1400ad32ab5b&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&...
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3463%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Da...
0
0

sync
ads.servenobid.com/ Frame 0A46
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-gWfhomBE2uGvoM92BP2PjNH8SsQYSDeuOiXRCMw-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-gWfhomBE2uGvoM92BP2PjNH8SsQYSDeuOiXRCMw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-gWfhomBE2uGvoM92BP2PjNH8SsQYSDeuOiXRCMw-~A
date
Sun, 27 Nov 2022 00:17:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
redirectuser
ssp.disqus.com/ Frame 0A46
0
0

occ
ups.analytics.yahoo.com/ups/58632/ Frame 0A46
0
0

token
token.rubiconproject.com/ Frame 5101
0
0

dcm
s.amazon-adsystem.com/ Frame 5101
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
0
0

tap.php
pixel.rubiconproject.com/ Frame 5101
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEpW-327IADFvdQfsNZUXLU&google_cver=1
0
0

token
token.rubiconproject.com/ Frame 5101
0
0

token
token.rubiconproject.com/ Frame 5101
0
0

dcm
aax-eu.amazon-adsystem.com/s/ Frame 5101
0
0

token
token.rubiconproject.com/ Frame 5101
0
0

tap.php
pixel.rubiconproject.com/ Frame 5101
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=34f39761-0016-448c-b60e-9f4dc4c42967&gdpr=0&gdpr_consent=&expires=30
0
0

crum
dsum-sec.casalemedia.com/ Frame AFCC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6028598553993587893
0
0

Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AFCC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB
43 B
600 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
52.74.252.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-252-98.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB
date
Sun, 27 Nov 2022 00:17:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame AFCC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=88876382-ac92-4300-a95b-e8bf0e6e3a9b
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=88876382-ac92-4300-a95b-e8bf0e6e3a9b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 27 Nov 2022 00:17:26 GMT
Server
MT3 169 32252b7 master hkg-pixel-x4 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=88876382-ac92-4300-a95b-e8bf0e6e3a9b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 27 Nov 2022 00:17:25 GMT
rum
dsum-sec.casalemedia.com/ Frame AFCC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4537025322566496957
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4537025322566496957
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4537025322566496957
pragma
no-cache
date
Sun, 27 Nov 2022 00:17:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame AFCC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BQN9OlJTfDoeB309UFRoMAABJGkeAyQ4AVMjCKZP
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BQN9OlJTfDoeB309UFRoMAABJGkeAyQ4AVMjCKZP
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=BQN9OlJTfDoeB309UFRoMAABJGkeAyQ4AVMjCKZP
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
b1sync.zemanta.com/usersync/index/ Frame AFCC
0
0

crum
dsum.casalemedia.com/ Frame AFCC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6028598553993587893
43 B
868 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6028598553993587893
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 00:17:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfKRC2UsJgYBWt7yOoJMicztjqm0QutfdvcZVWi2gEJzhIDBTdQH6dsRWQyTi56SKBTZIon7J0muxB2vILJD0ToRwMBs8Yp5CZRFI9iUzUJWHTpQo4q1UjQ12QQ6w3%2FWhFg1XXUE"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7706ae505f48a820-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:26 GMT
AN-X-Request-Uuid
5422c2a2-5c47-43cf-aefe-a544464c05e3
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6028598553993587893
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=23728&dpuuid=Y4KslD7BCQcDcBfYYZ6kdgAA%264731
dpm.demdex.net/ Frame AFCC
0
0

sync
ads.servenobid.com/ Frame AFCC
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y4KslD7BCQcDcBfYYZ6kdgAAEnsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame B0D0
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43942340&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5a8e69b508492881ff238a6f5385be32e44e5595f128f2a04b06afd57cd90ef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 00:17:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ad-s.css
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame F2BD
549 B
642 B
Stylesheet
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ad-s.css
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCEy9ckayCY-THONCavQSa9rKwDdKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKqlijH2_WkPqgDAaoE7gFP0NAGsffWgUgIjFgPbdpxz_yNvnYmqO5Hz3Yokpd1P3_qe7eBNz4Mq2tbotg2z1sgeeUnugm1YZLcgFXNyQy9JjTb5QQV-xug5AkEde0v3vE9ungVlFlsbowaMWkr_zeNJE4zS7HKaQ23b7-P6PFLphAE9KtDqKlq-ssK6khGcdsPvpRXciGsB8tbC-mRFEyLi-CjR2I3tSXW4Ajek7-zCYwP1d_dyxwHLTyEY9-6ZXYzCO2XgLAd2MBvjP1uO47dt-2BAASjIkfQCp2HMf0DoQUwSi2X0JVZuBKN3Jq2q_7U3Ne2LANpTiAUBA65wATN78nshgTgBAOQBgGgBk2AB7j91OwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT2-nxEMgTt4yk4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw%26sig%3DAOD64_1aiBbSRAyggsJyvx2IZyxq334Avw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AElV9YGv8kHlif74yCOcwRkTSIs7qkSZJjbwmrm8Wrfxqi4-n9_PlTY3_XnBpsOQDpwozIB8nQTS6HBorQabr2Sfot9D9BE0WAISr-pkd71aDaoYm25MWTnZlq1Jm1-Jl-BV83tgQPljgmyE_rszhY6Rfp02I7dVY0T3RquA2spw5SfIQ%26cry%3D1%26dbm_d%3DAKAmf-C3OQYz_P6yRZFSWsbBGXqV_E9Tcmq2-_FUyh21wq73O2n52RqWB3-pocqftHOxh7WfIPSWbjD07cHJOdntE9DEmNQYkOGpSe32Pn8KxaujUbcKgNAEZegZHBlt-RAbwFdNyCRSqcgaL2MgAUVl22vN80BPg5Jfr8XiiQrauFriuchvjpkv0Y31dufVklMK14dbzw4NQg9gOJucvynfh8bVY5GyAdie11B3BWcBaHX12oP03Wz8a8hYoIdThU6GY0U6G6gLjGzX54hfT3YLpUHblSER7-vDYvUqWXz47W12jXbwj2RjYvpt_GtKfb2cimqB3iLLuAmhDabczx0RH4J5wm0_Z-yLD6RYpX8O7bLlBkhOWmN0nBpbC4jH6z0cq_y0sXUtKcj318bS26V1PMcUWG5BvEZ42iyAOtzgons5lWD7ST7VecFHFSyx4_Ul_1EaVYO5NlaR46lawiWs6MLtIBXJNuTQrAQgkECopB6_PTMMWQnAGAHK6r6v9IwdoNZKz3YVcC1mWTBBJBDygeGkx71pG4TS8oNVfSzLYbsmKvdfq_7ZFsn4vd68vnZUJCenbjvpg5AljkAj8DurHXNXLwX_gXL9-u0Yy6a7fzbVFkvvWvIJIHj7kE2plrmhWOTPCJDxqEQAWpSbF_MtfbWmuQOnxSf9P0nDBaoFJ133pk7je-s%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1669508241926692
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.11 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
3affb7138a23846fc1abd98ec56528e801dc9967fa0a9115c5ed4d80aa511183

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:25 GMT
Server
AmazonS3
x-amz-request-id
ZAPYNDDBRKDM9MKR
ETag
"fff088d095049a532e08414ffbf79c8b"
x-amz-meta-info
inline html5 ForScript
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
222
x-amz-id-2
XA58kY7S95hGpogYaVkwhDe0rKMhJrwPjEdZuYuYTgOYzFtODJPbsYwPD1m2al0hNi5ELNGC4qE=
hype_generated_script.js
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame F2BD
31 KB
7 KB
Script
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/hype_generated_script.js?497
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=32c8794c-79f1-49bb-a03f-85569be09a9f&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCEy9ckayCY-THONCavQSa9rKwDdKwpPls9-L8x5QRv831_JotEAEguoTAM2Cr7LGF4BigAbCCq5MByAEJqQKqlijH2_WkPqgDAaoE7gFP0NAGsffWgUgIjFgPbdpxz_yNvnYmqO5Hz3Yokpd1P3_qe7eBNz4Mq2tbotg2z1sgeeUnugm1YZLcgFXNyQy9JjTb5QQV-xug5AkEde0v3vE9ungVlFlsbowaMWkr_zeNJE4zS7HKaQ23b7-P6PFLphAE9KtDqKlq-ssK6khGcdsPvpRXciGsB8tbC-mRFEyLi-CjR2I3tSXW4Ajek7-zCYwP1d_dyxwHLTyEY9-6ZXYzCO2XgLAd2MBvjP1uO47dt-2BAASjIkfQCp2HMf0DoQUwSi2X0JVZuBKN3Jq2q_7U3Ne2LANpTiAUBA65wATN78nshgTgBAOQBgGgBk2AB7j91OwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAbAT2-nxEMgTt4yk4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDq26N9oMeDOqusJm8F16UDHGSZV4cKiiqPOyc89Kq61kCQsc8UGCBxUar6Wj5GJ_F7wsCNLI3Xsi4_GAEgEw%26sig%3DAOD64_1aiBbSRAyggsJyvx2IZyxq334Avw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-AElV9YGv8kHlif74yCOcwRkTSIs7qkSZJjbwmrm8Wrfxqi4-n9_PlTY3_XnBpsOQDpwozIB8nQTS6HBorQabr2Sfot9D9BE0WAISr-pkd71aDaoYm25MWTnZlq1Jm1-Jl-BV83tgQPljgmyE_rszhY6Rfp02I7dVY0T3RquA2spw5SfIQ%26cry%3D1%26dbm_d%3DAKAmf-C3OQYz_P6yRZFSWsbBGXqV_E9Tcmq2-_FUyh21wq73O2n52RqWB3-pocqftHOxh7WfIPSWbjD07cHJOdntE9DEmNQYkOGpSe32Pn8KxaujUbcKgNAEZegZHBlt-RAbwFdNyCRSqcgaL2MgAUVl22vN80BPg5Jfr8XiiQrauFriuchvjpkv0Y31dufVklMK14dbzw4NQg9gOJucvynfh8bVY5GyAdie11B3BWcBaHX12oP03Wz8a8hYoIdThU6GY0U6G6gLjGzX54hfT3YLpUHblSER7-vDYvUqWXz47W12jXbwj2RjYvpt_GtKfb2cimqB3iLLuAmhDabczx0RH4J5wm0_Z-yLD6RYpX8O7bLlBkhOWmN0nBpbC4jH6z0cq_y0sXUtKcj318bS26V1PMcUWG5BvEZ42iyAOtzgons5lWD7ST7VecFHFSyx4_Ul_1EaVYO5NlaR46lawiWs6MLtIBXJNuTQrAQgkECopB6_PTMMWQnAGAHK6r6v9IwdoNZKz3YVcC1mWTBBJBDygeGkx71pG4TS8oNVfSzLYbsmKvdfq_7ZFsn4vd68vnZUJCenbjvpg5AljkAj8DurHXNXLwX_gXL9-u0Yy6a7fzbVFkvvWvIJIHj7kE2plrmhWOTPCJDxqEQAWpSbF_MtfbWmuQOnxSf9P0nDBaoFJ133pk7je-s%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d32c8794c-79f1-49bb-a03f-85569be09a9f&ord=1669508241926692
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.11 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c156e2771927ce196034439e75f43effeb52ad6875d40bd12daf6f8124a8d445

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:25 GMT
Server
AmazonS3
x-amz-request-id
ZAPK9W36KT5XPEC0
ETag
"3d9647ddaddf09c9cf8fe85132809967"
x-amz-meta-info
main HYPE file
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
7156
x-amz-id-2
meXN/SxWy0YuMsDgT105sscQRULjhkBJOLZCnGxgU/wnVTDkwB/ETj51Ab2vBFnom7zE1nEymPk=
usync.js
eus.rubiconproject.com/ Frame A4BB
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
eaf4072a538faf5ef9905376635ccacd8cff466648f4d1a77b76b487706131af

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:26 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Nov 2022 08:11:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28461
Connection
keep-alive
Content-Length
10065
Expires
Sun, 27 Nov 2022 08:11:47 GMT
usync.js
eus.rubiconproject.com/ Frame E027
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
eaf4072a538faf5ef9905376635ccacd8cff466648f4d1a77b76b487706131af

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:26 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Nov 2022 08:11:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28461
Connection
keep-alive
Content-Length
10065
Expires
Sun, 27 Nov 2022 08:11:47 GMT
getuid
secure.adnxs.com/ Frame 592C
0
0

bidswitch
event.clientgear.com/cookie/ Frame 592C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_51757fb2-3aa7-4bc9-b9fb-2611b0c6d45c&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=766a7882-5997-484d-afd0-9f7108599032
0
0

usersync
usersync.gumgum.com/ Frame 592C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-74ab026b-7ed4-4f71-7d23-cc224987335f$ip$116.90.74.208
0
0

/
b1sync.zemanta.com/usersync/gumgum/ Frame 592C
0
0

34f39761-0016-448c-b60e-9f4dc4c42967
sync.1rx.io/usersync/tradedesk/ Frame 592C
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2608643581
  • https://sync.1rx.io/usersync/tradedesk/34f39761-0016-448c-b60e-9f4dc4c42967
0
0

rtset
bh.contextweb.com/bh/ Frame 592C
0
0

redirectObuid
sync.outbrain.com/ Frame 592C
0
0

usersync
usersync.gumgum.com/ Frame 592C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=8ce5a8e0-48ba-41b9-be7e-e857eec7a3ad
0
0

gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 592C
0
0

generic
sync.ipredictive.com/d/sync/cookie/ Frame 592C
0
0

services
sync.technoratimedia.com/ Frame 592C
0
0

142
match.deepintent.com/usersync/ Frame 592C
0
0

server_match
ad.360yield.com/ Frame 592C
0
0

sync
ssbsync.smartadserver.com/api/ Frame 592C
0
0

sync
ads.servenobid.com/ Frame 592C
0
0

oRTB
sync.inmobi.com/ Frame D7E7
0
0

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E620
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=77916
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 00:17:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 27 Nov 2022 21:56:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame B8F5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=34f39761-0016-448c-b60e-9f4dc4c42967
0
0

usersync
usersync.gumgum.com/ Frame E92E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=88876382-ac92-4300-a95b-e8bf0e6e3a9b&gdpr=0&gdpr_consent=
0
0

URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 615C
0
0

pixel
cm.g.doubleclick.net/ Frame 2010
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81MTc1N2ZiMi0zYWE3LTRiYzktYjlmYi0yNjExYjBjNmQ0NWM=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 00:17:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 68B7
0
67 B
Document
General
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.4.49 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 27 Nov 2022 00:17:27 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame A9A0
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y4Ksl8Co8X8AAGbqL1sAAAAA
0
0

gumgum
cs.admanmedia.com/sync/ Frame 091E
0
0

usersync
usersync.gumgum.com/ Frame 98C7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y4KslD7BCQcDcBfYYZ6kdgAA%264731
0
0

cm-notify
creativecdn.com/ Frame 9546
0
0

usync.html
eus.rubiconproject.com/ Frame E357
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 00:17:27 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 27 Nov 2022 00:17:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
async_usersync
ib.adnxs.com/ Frame D7BA
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 00:17:27 GMT
AN-X-Request-Uuid
e2cdf636-6003-4c06-b158-18942d0b6765
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.208; 116.90.74.208; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
HYPE-740.thin.min.js
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame F2BD
56 KB
25 KB
Script
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/HYPE-740.thin.min.js
Requested by
Host: s3-ap-southeast-2.amazonaws.com
URL: https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/hype_generated_script.js?497
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.11 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
1b672d771ea2e2d6cf15df45fa4978c98d571b4521e5ebedb7b060e65577c127

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:25 GMT
Server
AmazonS3
x-amz-request-id
ZAPGDD61W70YE4HF
ETag
"9e7db1868051997b3db193c0cefceb81"
x-amz-meta-info
HYPE file
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
24698
x-amz-id-2
eUaR1jc5qGBv+OF1LjwobkK07oFdAyXzS6BlVEaVZEFuu4SDcSCnaJhrr/AM1cSBMZaHDNEONy0=
cs
cs.minutemedia-prebid.com/ Frame AEB9
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=3448623052748763557&gdpr=0&gdpr_consent=
0
0

minute_media
cs.admanmedia.com/sync/ Frame AEB9
0
0

getuid
secure.adnxs.com/ Frame AEB9
0
0

sync
rtb.mfadsrvr.com/ Frame AEB9
0
0

server_match
ad.360yield.com/ Frame AEB9
0
0

redirectuser
ssp.disqus.com/ Frame AEB9
0
0

/
ssc-cms.33across.com/ps/ Frame AEB9
0
0

sync
x.bidswitch.net/ Frame AEB9
0
0

bsync
visitor.omnitagjs.com/visitor/ Frame AEB9
0
0

us
sync.go.sonobi.com/ Frame AEB9
0
0

cm
u.openx.net/w/1.0/ Frame AEB9
0
0

occ
ups.analytics.yahoo.com/ups/58611/ Frame AEB9
0
0

pbsync
ads.yieldmo.com/ Frame AEB9
0
0

rmpssp
sync.1rx.io/usersync2/ Frame AEB9
0
0

pixel
ap.lijit.com/ Frame AEB9
0
0

services
sync.technoratimedia.com/ Frame AEB9
0
0

rtset
bh.contextweb.com/bh/ Frame AEB9
0
0

3e1ed898b08f9e935ca99407796b46c0.gif
cs.iqzone.com/ Frame AEB9
0
0

0
prebid.a-mo.net/cchain/ Frame AEB9
0
0

usermatchredir
ssum-sec.casalemedia.com/ Frame AEB9
0
0

v1
match.sharethrough.com/universal/ Frame AEB9
0
0

match
ads.betweendigital.com/ Frame AEB9
0
0

6185b9cf4d72f7e454746134b8c78716.gif
cs.krushmedia.com/ Frame AEB9
0
0

getuid
eb2.3lift.com/ Frame AEB9
0
0

syncb
sync.bfmio.com/ Frame AEB9
0
0

ImgSync
image8.pubmatic.com/AdServer/ Frame AEB9
0
0

sync
ads.servenobid.com/ Frame AEB9
0
0

/
onetag-sys.com/usync/ Frame F733
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
19fc6daa3a926256
ads.us.e-planning.net/uspd/1/ Frame 156D
0
0

usync.html
eus.rubiconproject.com/ Frame 31DD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 27 Nov 2022 00:17:27 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 27 Nov 2022 00:17:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame A4BB
0
0

sync.php
pixel.rubiconproject.com/exchange/ Frame E027
0
0

match
c1.adform.net/serving/cookie/ Frame BEEA
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=CEB39A7C-DC17-437E-B693-FDD734EFB451&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 27 Nov 2022 00:17:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5159
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:88876382-ac92-4300-a95b-e8bf0e6e3a9b&gdpr=0&gdpr_consent=
0
0

b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 5745
0
0

send
cm.ambientdsp.com/cm/ Frame ED22
0
0

getuid
ib.adnxs.com/ Frame 0113
0
0

Pug
image2.pubmatic.com/AdServer/ Frame A9BF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GQlY1k5ZWdYCDVjRTF5N3BwLAYUCCQHUHVmkp0jD
0
0

sync
ads.servenobid.com/ Frame 2814
0
0

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B0D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zrOafNwXQ362k_3XNO-0UQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
0
0

420486.gif
idsync.rlcdn.com/ Frame B0D0
0
0

SPug
image4.pubmatic.com/AdServer/ Frame B0D0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=88876382-ac92-4300-a95b-e8bf0e6e3a9b
0
0

Pug
image2.pubmatic.com/AdServer/ Frame B0D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0VCMzlBN0MtREMxNy00MzdFLUI2OTMtRkRENzM0RUZCNDUx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0

Pug
image2.pubmatic.com/AdServer/ Frame B0D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOC_1KasA4YtMjH9yuTD1Vs&google_cver=1
0
0

Pug
image2.pubmatic.com/AdServer/ Frame B0D0
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DE657C3EC0754347B9A8AB4FAA85442D
0
0

CEB39A7C-DC17-437E-B693-FDD734EFB451
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B0D0
43 B
600 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/CEB39A7C-DC17-437E-B693-FDD734EFB451?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.252.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-252-98.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 00:17:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame B0D0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=34f39761-0016-448c-b60e-9f4dc4c42967&gdpr=0&gdpr_consent=
0
0

css
fonts.googleapis.com/ Frame F2BD
0
0

van_welkam_logo.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame F2BD
77 KB
22 KB
Image
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/van_welkam_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.11 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c44d01dcc4b5ec2d67d2a22a65507a24f24b2c95efa5fb3bd370dace12515d69

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:25 GMT
Server
AmazonS3
x-amz-request-id
AZX1FKCNEQZGVBMM
ETag
"96759fdcbaf3c91daf647466f0c91cc3"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
22006
x-amz-id-2
FypT7eM9UO9HvUTCOyOuE43k0cynRVNGFAXpltXl0mmn+5c6jRJ+HpSu2WCMgyGpE1xE3uZWcek=
Experience%20BTN.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame F2BD
9 KB
3 KB
Image
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/Experience%20BTN.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/f-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.11 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
3eff40b5baa173579a18a83e983bc913aa99df9cdde0df72849e6c9309c5ab88

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 27 Nov 2022 00:17:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2022 01:38:24 GMT
Server
AmazonS3
x-amz-request-id
AZX1DPFX37C3905D
ETag
"6e9e34eefd6a9eb35a7a4da3a5372ccc"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2534
x-amz-id-2
xiNLQNhNUtQYYfQu4BXNk0No/agS71P3PUKJjJTK/tPvXFmQvpRrJQkrLPU0PkE4dy2U7o6NvKE=
Youre%20invited.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame F2BD
0
0

Arrow_1.svg
s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/ Frame F2BD
0
0

sync
ads.servenobid.com/ Frame 7AA5
0
0

711890.gif
id.rlcdn.com/ Frame 7AA5
0
0

getuid
secure.adnxs.com/ Frame 7AA5
0
0

/
rtb-csync.smartadserver.com/redir/ Frame 7AA5
0
0

gjIEMT18
sync-tm.everesttech.net/upi/pid/ Frame 7AA5
0
0

usync.js
eus.rubiconproject.com/ Frame E357
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.html?cs=8&vsid=3125098457444838000V10&type=rkt&refUrl=&vid=95082456093125098457444838000V10&ovsid=1992631737882419638
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dr1%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3DRX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=766a7882-5997-484d-afd0-9f7108599032&gdpr=0&gdpr_consent=&gdpr_pd=
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=KW_4f8o0NfAuw9VHYLAV&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKLK5PTIZRYN4YE4ZSBOV3TSVSILFGECVRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4TKMBYGI2DKNRQHEZTCMRVGA4TQNBVG42DINBYGM4DAMBQKYYTAJTWONUWIPJTGEZDKMBZHA2DKNZUGQ2DQMZYGAYDAVRRGA
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3125098457444838000V10
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=Ft-xCRZHUN4W9OsERWOmjoI9
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=Ft-xELZHekBFlomqQtSF_SWP
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3125098457444838000V10%26type%3Dr1%26refUrl%3D%26vid%3D95082456093125098457444838000V10%26ovsid%3DRX-0a5e5534-f1b1-4030-ad23-d9af86c18b32-004
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=324&uid=1992631737882419639
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3463%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Da5167e1d-5a07-4d0b-a2a6-1400ad32ab5b%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58632/occ
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=25470
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEpW-327IADFvdQfsNZUXLU&google_cver=1
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2249&pt=n
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=36584
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=34f39761-0016-448c-b60e-9f4dc4c42967&gdpr=0&gdpr_consent=&expires=30
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6028598553993587893
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y4KslD7BCQcDcBfYYZ6kdgAA%264731?gdpr_consent=&us_privacy=&gdpr=
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
Domain
event.clientgear.com
URL
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=766a7882-5997-484d-afd0-9f7108599032
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sta&i=0-74ab026b-7ed4-4f71-7d23-cc224987335f$ip$116.90.74.208
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=a_51757fb2-3aa7-4bc9-b9fb-2611b0c6d45c&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/tradedesk/34f39761-0016-448c-b60e-9f4dc4c42967
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=opx&i=8ce5a8e0-48ba-41b9-be7e-e857eec7a3ad
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=a_51757fb2-3aa7-4bc9-b9fb-2611b0c6d45c
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=ttd&i=34f39761-0016-448c-b60e-9f4dc4c42967
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mmh&i=88876382-ac92-4300-a95b-e8bf0e6e3a9b&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sus&i=Y4Ksl8Co8X8AAGbqL1sAAAAA
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=iex&i=Y4KslD7BCQcDcBfYYZ6kdgAA%264731
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=3448623052748763557&gdpr=0&gdpr_consent=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=minutemedia
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent=
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21483%26id%3D%5BUSER_ID%5D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID]
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
Domain
cs.krushmedia.com
URL
https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
Domain
sync.bfmio.com
URL
https://sync.bfmio.com/syncb?pid=186
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=348&uid=tauxCLStC_mm
Domain
ads.us.e-planning.net
URL
https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LAYM3MSL-1C-5KJ7
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LAYM3MSL-1C-5KJ7
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:88876382-ac92-4300-a95b-e8bf0e6e3a9b&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
cm.ambientdsp.com
URL
https://cm.ambientdsp.com/cm/send?vc=pmj
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GQlY1k5ZWdYCDVjRTF5N3BwLAYUCCQHUHVmkp0jD
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=316&uid=CEB39A7C-DC17-437E-B693-FDD734EFB451
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/420486.gif?partner_uid=CEB39A7C-DC17-437E-B693-FDD734EFB451
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=88876382-ac92-4300-a95b-e8bf0e6e3a9b
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOC_1KasA4YtMjH9yuTD1Vs&google_cver=1
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DE657C3EC0754347B9A8AB4FAA85442D
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=34f39761-0016-448c-b60e-9f4dc4c42967&gdpr=0&gdpr_consent=
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Alkalami&subset=latin
Domain
s3-ap-southeast-2.amazonaws.com
URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/Youre%20invited.svg
Domain
s3-ap-southeast-2.amazonaws.com
URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/7387f6fa-a109-45b5-9a4f-d45813c5ad8b/Arrow_1.svg
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=317&uid=5498859441347375423&gdpr=0&gdpr_consent=
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| adpushup object| ucfad_async object| AMP object| adRecover object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString function| setImmediate function| clearImmediate undefined| $ undefined| jQuery function| jqAlias object| google_reactive_ads_global_state number| ampAdSlotIdCounter string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions undefined| google_measure_js_timing boolean| descriptionPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_tag_manager function| onYouTubeIframeAPIReady

76 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ9c_Is8swCgoIgQIQ9c_Is8swCgoI4gEQ9c_Is8swCgoI5gEQ9c_Is8swCgoIhwIQ9c_Is8swCgkICRD1z8izyzAKCQg6EPXPyLPLMAoKCIwCEPXPyLPLMAoJCF8Q9c_Is8swCgkIHxD1z8izyzA=
.aralego.com/ Name: sspid
Value: 28f9943f-f94d-3414-9224-314947995a5a
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: f5a5e158-bcbd-4ef4-b26f-ff7802dec2dd
.adpushup.com/ Name: ap_uid
Value: da25e431-6de8-11ed-8326-000d3aa16686
.adpushup.com/ Name: ap_usid
Value: da25e432-6de8-11ed-8326-000d3aa16686
.doubleclick.net/ Name: IDE
Value: AHWqTUketGeOVWs47Vxxrpq9K1q7kjsCrhuJIo6f8SNT6391j7zdinCeume_nd4f8FE
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: a87433c9-c928-4618-83d3-305242b09116
.bg3.co/ Name: __gpi
Value: UID=00000b83db21bcba:T=1669508238:RT=1669508238:S=ALNI_MaXx_JBAkL2e2dFKiEFQ8NfmnDBjw
.openx.net/ Name: i
Value: a87433c9-c928-4618-83d3-305242b09116|1669508239
.omnitagjs.com/ Name: ayl_visitor
Value: 0bc3c7cca7f74b300483625cf05f6536
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwj9mKnAY4AUABSAEQj9mKnAYYAA..
.adnxs.com/ Name: uuid2
Value: 6028598553993587893
.teads.tv/ Name: tt_viewer
Value: 6adde1b1-b71a-4ca2-b318-56634df4d8e8
.rubiconproject.com/ Name: khaos
Value: LAYM3MSL-1C-5KJ7
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJoU6jy0XI4OnXrd8oPN4aCi36BsFBBbyiUu+fFoqt/hS5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.blismedia.com/ Name: b
Value: 6382AC916FA88EA40911A2F2BLIS
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 88876382-ac92-4300-a95b-e8bf0e6e3a9b
.bg3.co/ Name: __gads
Value: ID=2437ea9eea160579-22b06bd5a7d800ee:T=1669508238:S=ALNI_MYjjqkpZbGWdjfYnIDc3cMG_h2NjA
.bidswitch.net/ Name: tuuid
Value: 766a7882-5997-484d-afd0-9f7108599032
.bidswitch.net/ Name: c
Value: 1669508242
.bidswitch.net/ Name: tuuid_lu
Value: 1669508242
.adform.net/ Name: uid
Value: 8208776668112090044
.quantserve.com/ Name: mc
Value: 6382ac92-785cd-831aa-3a02c
.bg3.co/ Name: __qca
Value: P0-986546504-1669508239278
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-74ab026b-7ed4-4f71-7d23-cc224987335f.9ZM6JFeK9Gp6cfD9m4%2FTuELnceAzSn7LjIGCW6HBrQw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AdKsCa37UT3F9I8wiSYczX3RaStA.XGdD2xaMiXElsNpVhHpajaeRyBx07AVdINcCmYhRsec
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1669508242.1.0.1669508242.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.576298791.1669508242
.quantserve.com/ Name: d
Value: EGkBCQHWJ4EA
.mathtag.com/ Name: mt_mop
Value: 4:1669508243
.ctnsnet.com/ Name: gid_CAESEB7TxgM6e_zilxjcmi7UpLg
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTtj)tG$!]tbPl1M>e)ZlrFUfJ+tGXvX+](mXr[IIZ]><n(IN=iL^Al@3hYvn7fC%#]H*bpRz*qF1`*b^4U)j=:f
.tribalfusion.com/ Name: ANON_ID
Value: aNntmIyg6AarA7u8QGkuI6hZbI6H52Ejo3cCEFc1tjv7424MR18FRbODTwaI2fx6F4LZbFjgoHZbv2EXl2FjWlkYPOX
.turn.com/ Name: uid
Value: 4537025322566496957
.ctnsnet.com/ Name: cid
Value: de62e8bcbfb7412a8ff63597805af439
.openx.net/ Name: pd
Value: v2|1669508244|jElYiuvOiahI
.casalemedia.com/ Name: CMID
Value: Y4KslD7BCQcDcBfYYZ6kdgAA
.casalemedia.com/ Name: CMPS
Value: 4731
.casalemedia.com/ Name: CMPRO
Value: 4731
.adsrvr.org/ Name: TDID
Value: 34f39761-0016-448c-b60e-9f4dc4c42967
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22ec5932d3-f488-4577-8290-eee6f59a73d9%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-27T00%3A17%3A25%22%7D
.3lift.com/ Name: tluid
Value: 2826671534370865974578
.sportradarserving.com/ Name: zuuid
Value: 12d9ff6d-e790-4973-804e-ab42b3396025
.sportradarserving.com/ Name: c
Value: 1669508245
.sportradarserving.com/ Name: zuuid_lu
Value: 1669508245
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1669508245
.media.net/ Name: visitor-id
Value: 3125098457444838000V10
.openx.net/ Name: univ_id
Value: 537072971|34f39761-0016-448c-b60e-9f4dc4c42967|1669508245465982
.yandex.ru/ Name: yuidss
Value: 4257897241669508245
.yandex.ru/ Name: yandexuid
Value: 4257897241669508245
.ladsp.com/ Name: cr
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY5NTA4MjQ1fQ
.ladsp.com/ Name: smn_uid
Value: uVcgbKk7sF_zaIj0dOhJMA8cFL4E96c
.ladsp.com/ Name: lum
Value: CM3TyLPLMBIFCAMQ0AU
.bg3.co/ Name: cto_bundle
Value: PSluQ18waFd6akhYc0dUTVo2WmpUWUlKaUpTR1NGWHYlMkJ0VHM3RUw0dyUyQjZSVVA1JTJCSiUyRmwyS24zemFXTHNMVjQ1NHolMkZyblp0TDVkZWNnenhnSTdTcXdoMFRZbER0VW94bUFqR3F4QzJkTDZlajdTSzglM0Q
.bg3.co/ Name: cto_bidid
Value: 7hQe_F83Z1V6UW1LdkxDbG1sRGMlMkJWSW12ZXJwT09zbVpmdHJ5Z0tYWERsb0I0SHA0VjdZRUowRzVTdFdBTHdWMHgwUzlkeTJEJTJCdmVoWEZvZnhmSm9qOURzSkElM0QlM0Q
.media.net/ Name: data-mm
Value: 88876382-ac92-4300-a95b-e8bf0e6e3a9b~~8
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI9LSmttmFqDsQBRIWCgdydWJpY29uEgsIkP60udmFqDsQBRgFIAMoAjILCLzX_dzvhag7EAU4AQ..
.media.net/ Name: data-a
Value: 6028598553993587893~~8
.media.net/ Name: data-o
Value: b3f4650f-cbaf-430f-ba4a-86d494783037~~8
.criteo.com/ Name: uid
Value: 686e4297-e1e2-4509-a07f-f4d02f5b052c
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: a5167e1d-5a07-4d0b-a2a6-1400ad32ab5b
.prebid.a-mo.net/ Name: sd_amuid2
Value: a5167e1d-5a07-4d0b-a2a6-1400ad32ab5b
.yahoo.com/ Name: A3
Value: d=AQABBJasgmMCEK4Ice2Xw2megFyGxdDi_i8FEgEBAQH-g2OMYwAAAAAA_eMAAA&S=AQAAAhrK-ubekiDH-KwTmtqCrhU
.linkedin.com/ Name: li_sugr
Value: 2887543e-caf6-4b8e-85d8-e39181454466
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&92198f64-1b68-4d0d-86c2-b4b861b3d13b"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2630:u=1:x=1:i=1669508246:t=1669594646:v=2:sig=AQH_kqcJ7Pk03bs_Odg17sISsfCGLypD"
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMTS
Value: 4708

22 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/8ad3c0aca38107a705b775efffaed127.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/bbda8973649c419d73079c70c85b43a5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202107/660841c65e3a8772b4ce1e04bf94ba79.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/4ae49a3274d96fc29249301ca822a7d7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/38d24fa49742f9f63dad7d33423af14e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/0bcae59c9fd60dc88441662a58fe61f1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/9032aba83628dc12d7b2207a1579e457.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/91760bcd6c35f8d9c3583d6d442ce477.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/e9fbe45c321520237409cf4ae6b9adb5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/cbd9b9d22adb936da1922d3ddbe1d1e8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/cdc5473c5bbd0449514ee8318b14a9cb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/f7649ea832bac450354b23eebe1ae593.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/458e8f40a6f7b26c3fa7952fc4c52e03.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/1c59e8a284809d07c0e004b15eaba716.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202203/cfe7b5135a71a79a1d0b4c56b3de2869.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/00b6b235bb93fa8ecae1cd680033b30c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/a04b12c73444816fc82211466d2e2b19.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/e46dd73f96081cc3490a7331911bcfae.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669508237&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ff-16qing-chen-gua-dan-zhi-xing-zhan-bei-zhuan-chang-c-130zai-song-hou-qin-ren-li-zhuang-bei-ren-wu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669508235944&bpp=13&bdt=1919&idt=1637&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=4799427792427&frm=23&ife=1&pv=2&ga_vid=1852690037.1669508238&ga_sid=1669508238&ga_hid=2099637927&ga_fc=0&ga_cid=amp-EK-O7O0gkQfSw33_3wB6fw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1034371593&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44773614%2C31070924&oid=2&pvsid=1713591695959193&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4qyhgm4asang&fsb=1&dtd=1655
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvZi0xNnFpbmctY2hlbi1ndWEtZGFuLXpoaS14aW5nLXpoYW4tYmVpLXpodWFuLWNoYW5nLWMtMTMwemFpLXNvbmctaG91LXFpbi1yZW4tbGktemh1YW5nLWJlaS1yZW4td3UuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

094703f482bd484bcc3874f681efd9c7.safeframe.googlesyndication.com
305ead8bb9e1fc2af0134cdb4ec9593a.safeframe.googlesyndication.com
5fb543f625ea1e3be246c7c2fc8e6709.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.us.e-planning.net
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
adx.holmesmind.com
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
csm.as.criteo.net
csync.loopme.me
d-1838737222392901985.ampproject.net
d.adroll.com
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
fonts.googleapis.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
onetag-sys.com
p.adsymptotic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
r.turn.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s3-ap-southeast-2.amazonaws.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.bfmio.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tr.blismedia.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
www.adtrek.co
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.us.e-planning.net
ads.yieldmo.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
cm.ambientdsp.com
contextual.media.net
creativecdn.com
cs.admanmedia.com
cs.iqzone.com
cs.krushmedia.com
cs.minutemedia-prebid.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
match.deepintent.com
match.sharethrough.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s3-ap-southeast-2.amazonaws.com
secure.adnxs.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.outbrain.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
token.rubiconproject.com
u.openx.net
ups.analytics.yahoo.com
usersync.gumgum.com
visitor.omnitagjs.com
x.bidswitch.net
103.229.10.171
103.229.206.240
103.231.98.196
103.254.153.160
104.16.87.20
104.18.24.173
104.18.33.19
104.18.36.94
104.18.99.194
104.26.2.91
104.26.4.103
124.146.215.44
13.107.42.14
13.228.248.223
13.33.33.118
13.33.88.48
13.33.88.71
13.35.8.85
13.76.45.37
139.5.84.243
139.99.49.250
142.250.4.148
142.250.4.97
142.251.10.132
142.251.10.154
142.251.10.156
142.251.12.154
142.251.12.157
145.40.89.200
15.197.193.217
152.199.39.108
172.217.194.138
172.217.194.154
172.64.151.162
172.64.154.237
18.136.62.187
18.139.12.96
18.177.55.15
182.161.73.129
182.161.73.132
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.51.240.199
184.51.240.213
185.84.60.20
204.79.197.200
23.106.127.52
23.108.103.8
23.44.27.86
23.50.118.44
23.50.119.72
23.75.85.227
3.104.150.39
34.107.148.139
34.149.43.113
34.236.140.33
34.83.125.63
34.96.105.8
35.186.193.173
35.213.117.18
35.213.12.39
35.213.93.179
35.214.223.115
35.244.159.8
35.71.178.8
42.99.140.200
42.99.140.201
44.230.16.162
50.116.239.135
52.183.162.69
52.204.4.49
52.46.151.131
52.68.16.50
52.74.13.196
52.74.252.98
52.84.45.7
52.95.128.11
54.75.88.22
64.120.88.131
68.67.179.155
69.16.175.10
69.173.158.65
74.125.200.132
74.125.24.155
74.125.24.94
74.125.24.99
77.88.21.90
84.17.37.44
96.17.188.24
0005f19af8a197e861a836aa2d92ba2ff628d5b1d1eadc047215492eca7ad0f1
000a5eac81aaf2bfa4112990ccfe9afb0560c653da623a2016f5a928bb1032eb
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
04af379c37398603077d9d44bfccfb4f4fa3cddcd33a3f1629f25c22031a09a6
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
061fa2bc31c5c7095afb6db1da7aaa79ec69951abb0865c37c94e26be87275c2
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eccebb7415d5c917a70a6b4326f5a32b22c1eebf205c3859fcbd28844930f92
0f46fc2ccc591120e2ff17f9aee448007226a2903c14298c1137f88e825c9fa1
124ba282fba9be018e2677e71d05d9cc739653b55a7e24d0f5d91b07d1bdce7e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1b672d771ea2e2d6cf15df45fa4978c98d571b4521e5ebedb7b060e65577c127
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
23fcb68994f7fd49b61fa0303100574f24a81f611958b7852f60ba8938503df6
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
2aa85d5ec0835a125e65353bd33afd844c68400fceb0075d1aa413c01e3fd98d
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
2f79aaf6e437b1dbcaaeb4e3328146776eeff98d9f56aea0ce2eb3e27d9e8956
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3391b1408e32d7885e15a2066477358b90842435c829ad7c2cf059c35b6bbfd6
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36dc398a24c1bf6644f0e227dec5ce7d8c603d482067d064d22ac122180f3763
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3affb7138a23846fc1abd98ec56528e801dc9967fa0a9115c5ed4d80aa511183
3b564c321b69cb9ea6ba3750cb07306f6f92862cb23682be0eb0fc7b4b3af660
3c052f971528328ba855dc51d679f3e81d9f819cdcdd5c976fbc2a5ec029e754
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
3eff40b5baa173579a18a83e983bc913aa99df9cdde0df72849e6c9309c5ab88
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41917208086f4738ff77c9613c3e1b58ba1d5f8a93e55c27d0084fbe5c2f2d08
45424b377bb7c4c9662c96cc7f056216f5013f59ca104e72d86a0b5407f6fefe
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b94dd9e89612315570c32ceef8d758a13f6d3731afa8f43a90a0db6999c2ff
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d11eb681e969f43f6f4eaf183f1525a0d7a27c6c8864527e8168439a538b3a8
4d1383b53cf79d4cdc7cb8e0426a905ca944fbeee3116433b6a6de87f4b70110
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0de4d7a3059d2d724fedfff3f252fe6c7a8181871544a7966822e2bb0f615f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53f9f9582b5ca6a0ec45cd44bd033e2eac6d512569b42276e251d541d2141f8d
5469d9d2707ec8d436d4100ae5404f4da04178422b84cc3843b0ff676f7762e3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
59d05a5388585b1e7bc71cfda944fee6ebe0d77897f23bb3f1c785edae95ab55
5f84d2d09062f08518f2569792044af25d9789e431c3d82ea377b33da878986b
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64130342828152e777b39517eb0e90586f5ff14d092ee86658f2f09e524c7053
65f826077a6a7f5d1d03e8ca4f276f18278462563843284ebde89df409802e40
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6df83660fc9af4e487bffd1e923170ce7ab3135aece79a6a5b329bff4e72c6be
6f3b79cc8cc613dbc5936b1aa69fd15ee78237f6d595734c70cbcc95568319d3
70e2ff3ace36724ab2fa34bf8cec5e9a3ff126c6a69ce9837138f66250449421
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72d04605cc71056294a313aa468b474bb46e57031f3647cd9b8c629904eb84ad
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
75c392ae6fbb1f49b5ef9cfdeb490f4f63cb55dd47f800dd4ff5ed9180a45fc1
78c2d8202152efb8c7743216173b5549deac5992fc6056aa45ef4e45faf0b3d2
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7d4757b1d039f59e7de6cfa1ea3d9a927aec499132d575a3f82f8ee7dbc65ef6
7f44d4de5165f4fd18eabdecd1292b5d5a815e4465f32bb7d3bdfaca895922d3
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8587f6427faffbd6a2d4161eb3f15c94884f73bf27195a418089afe917f55a85
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
8a7fd9cf272483c91d91595ab284f310c610d42e61c41c740004ed4df0fd4912
8c5cf7aa391ad3090dc7d0dec9faddff86a1661efca6a9fa1a7cb951a07a1942
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
98a88b0e0a1d558186eb2bd505b0c2b09bcaa1e0772402f306e6866fb6c127f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a315744dee77b28d2b8812cc3c78ddcbf3674ad0e42a323db2f0d08e1a6cec74
a327ff5bc384f38e4ef5b88dd25812a252b6ff52b4f3a6e1b2133df16919708a
a3da64e3ee15cfdc3371ed75bbceeae768b5463cb92222ab20ad4b1dd5c26f9a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a54bd6cd6bb3a2cbae6bb11fa81b95ba3dd1995ebf858cea1562bef1f54b7428
a62b023c816bb56c43ee44e2690797d1ed55490868a0b141e38e445b50dab036
a6a64f6952ceae68d5eadd1daeee70c618f34cde778e5f2c6ce33926d60bfd97
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
abec67ea8b6c38c5634d47a12cd8066e7f3348b3500b35ea64ce3db62a1b4af3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4759bb4f7feb87cdfa4b36b4fe2754a54224629226f76df1287a5873c1176af
b771203e1a04667924c621eee87befe31b5d2f22ee4d34a0f4c95613af11d157
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
c156e2771927ce196034439e75f43effeb52ad6875d40bd12daf6f8124a8d445
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c44d01dcc4b5ec2d67d2a22a65507a24f24b2c95efa5fb3bd370dace12515d69
c4e98fd90c0adee3b439fb1de33aa982d1c9bb78abf231165337b2882cb08395
c7960fa01b219284ff1f6ced310ad6aab5fcedb8b9cb470238d23b1f535ecbb9
c9d39b0c6fd30f79e7feea1a01d35fbfdeeeeeda6a7b33a2f2f26375b9aa5d51
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9047ac8bdf9df4651b1f49d559f272517aae0ce96f3517e85adb240154cc2a
d041975ccfe382302df8d96afb7d06792fe848b78279a8eda741c6573240c877
d061b3b81dbcb2be444ef17d47ee82a283d5c5333cd82ffc2685bfb4907e2d34
d26a25fc3875ba53fe0f85cf3faca91d18dd52400e3899ec923edbe43813cee7
deef0ca154571e17a9007a38261b3aefeaf393f6c28e8bd5734687020b2bf6b9
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e38faebb5a6d42d74b0d294dd2b03c18f010247843533812c25b47e9d2850dc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5a8e69b508492881ff238a6f5385be32e44e5595f128f2a04b06afd57cd90ef
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9
e68ea196c6d7b69c48c5731a36abe964bc8074d22513fc4ed1375546cde0491b
e77cc4874d6292405e71d9f40cda49f223ecc8885a81f1c29f09677fdc4479e3
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
eaf4072a538faf5ef9905376635ccacd8cff466648f4d1a77b76b487706131af
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
eb37eefd108395c9e1fdca9dd2b6460d1c0c14a05d391cee21c996ed04a1a67f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee0d4fbd2f57ab77dba75aa60696a37b1c0b193ef7ae8a7d659da998517d2d05
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
f1280d7300e9d4f9ceac67f4170998605c770d5397330e1e62c04084966057bd
f4c3d2ae0aa42ca94a4dc0e1640116bf41f42653d66db64fed3ff327703816a8
f5261e6b5b77b5291e0122f9f72c8be1e4d805eefb45bfc7d0f526315dc29ca6
f5547bf768c4023a796160344735f8e550d73990127162854df18f827e4ecd74
f737e6651d248592da0d73f4c4f6b68a5a10dc75bd006a58d5500a95ce90e977
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f824af6240aaa57ba4104f1969365afa9b6904544545284db4a7469e6a94768a
fc004a5916548471a7f8e72506f6176aa47886490cae8daa0c26bf99250c9b35
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1