urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-h...
Submission: On November 16 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 126 IPs in 15 countries across 118 domains to perform 596 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 99821.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
19 142.251.12.132 15169 (GOOGLE)
1 6 64.120.88.131 133752 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
19 104.26.2.91 13335 (CLOUDFLAR...)
29 142.251.12.155 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
20 13.33.33.38 16509 (AMAZON-02)
14 172.217.194.154 15169 (GOOGLE)
2 74.125.200.97 15169 (GOOGLE)
3 74.125.24.102 15169 (GOOGLE)
2 34.95.67.231 396982 (GOOGLE-CL...)
9 203.75.214.136 3462 (HINET Dat...)
2 4 35.201.76.93 15169 (GOOGLE)
2 18.155.68.27 16509 (AMAZON-02)
6 142.250.4.155 15169 (GOOGLE)
1 74.125.68.94 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
2 18.179.87.8 16509 (AMAZON-02)
11 182.161.73.129 55569 (CRITEO-AS...)
3 9 74.125.24.156 15169 (GOOGLE)
4 7 103.229.10.180 16509 (AMAZON-02)
15 56 74.125.24.157 15169 (GOOGLE)
2 103.132.192.30 138552 (RTBHOUSE-...)
1 104.16.85.20 13335 (CLOUDFLAR...)
3 3.114.40.184 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
9 182.161.73.145 55569 (CRITEO-AS...)
16 54.228.225.243 16509 (AMAZON-02)
9 35.244.159.8 15169 (GOOGLE)
1 2 44.240.78.82 16509 (AMAZON-02)
8 11 68.67.181.211 29990 (ASN-APPNEX)
2 172.64.154.237 13335 (CLOUDFLAR...)
1 2 145.40.89.200 54825 (PACKET)
1 23.195.153.54 16625 (AKAMAI-AS)
1 35.213.117.18 15169 (GOOGLE)
1 34.107.148.139 396982 (GOOGLE-CL...)
6 32 139.99.49.250 16276 (OVH)
1 18.140.22.207 16509 (AMAZON-02)
4 210.59.219.181 3462 (HINET Dat...)
2 104.211.156.162 8075 (MICROSOFT...)
1 32 172.217.194.132 15169 (GOOGLE)
8 16 34.96.119.68 396982 (GOOGLE-CL...)
9 9 139.162.58.205 63949 (LINODE-AP...)
1 9 172.253.118.105 15169 (GOOGLE)
3 182.161.73.136 55569 (CRITEO-AS...)
18 19 52.223.40.198 16509 (AMAZON-02)
4 14 23.15.148.136 16625 (AKAMAI-AS)
1 151.101.65.108 54113 (FASTLY)
5 12 35.71.178.8 16509 (AMAZON-02)
11 23.195.152.23 16625 (AKAMAI-AS)
2 172.64.151.162 13335 (CLOUDFLAR...)
1 52.222.144.13 16509 (AMAZON-02)
4 4 50.116.239.135 6336 (TURN-US-ASN)
3 4 34.98.64.218 396982 (GOOGLE-CL...)
2 2 124.146.215.45 2514 (INFOSPHER...)
3 3 13.33.88.98 16509 (AMAZON-02)
3 8 104.18.33.19 13335 (CLOUDFLAR...)
1 13.33.33.43 16509 (AMAZON-02)
8 8 103.229.206.240 30419 (MEDIAMATH...)
1 3 69.173.144.165 26667 (RUBICONPR...)
9 15 69.173.158.64 26667 (RUBICONPR...)
1 3 23.106.127.53 59253 (LEASEWEB-...)
3 5 35.190.60.146 15169 (GOOGLE)
4 10 52.46.130.91 16509 (AMAZON-02)
8 12 67.199.150.82 3257 (GTT-BACKB...)
9 11 52.74.13.196 16509 (AMAZON-02)
17 19 35.213.12.39 15169 (GOOGLE)
2 2 198.8.71.130 54312 (ROCKETFUEL)
4 23.40.32.206 16625 (AKAMAI-AS)
16 17 74.118.186.44 26120 (RHYTHMONE)
1 21 54.238.120.71 16509 (AMAZON-02)
6 6 54.255.40.83 16509 (AMAZON-02)
1 3 182.161.73.146 55569 (CRITEO-AS...)
5 9 18.141.128.115 16509 (AMAZON-02)
1 54.199.9.21 16509 (AMAZON-02)
4 4 35.156.8.143 16509 (AMAZON-02)
2 3.228.33.18 14618 (AMAZON-AES)
2 3 13.107.42.14 8068 (MICROSOFT...)
1 3 104.18.102.194 13335 (CLOUDFLAR...)
2 2 35.213.93.179 15169 (GOOGLE)
1 13.107.21.200 8068 (MICROSOFT...)
2 3 54.239.38.253 16509 (AMAZON-02)
1 52.192.208.41 16509 (AMAZON-02)
2 7 23.106.127.52 59253 (LEASEWEB-...)
1 13.33.88.118 16509 (AMAZON-02)
2 2 209.191.163.210 32475 (SINGLEHOP...)
3 3 209.191.163.208 32475 (SINGLEHOP...)
1 1 72.34.250.75 27630 (AS-XFERNET)
1 37.157.4.23 198622 (ADFORM)
2 2 34.199.170.64 14618 (AMAZON-AES)
1 139.5.86.202 27381 (CASALE-MEDIA)
5 142.251.10.154 15169 (GOOGLE)
3 20.212.157.225 8075 (MICROSOFT...)
2 17 139.5.84.243 27381 (CASALE-MEDIA)
3 4 35.186.193.173 15169 (GOOGLE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 104.18.36.94 13335 (CLOUDFLAR...)
6 6 68.67.179.153 29990 (ASN-APPNEX)
4 4 3.113.228.209 16509 (AMAZON-02)
1 1 185.183.112.148 60350 (VP)
2 52.76.242.203 16509 (AMAZON-02)
1 4 103.231.98.196 62713 (AS-PUBMATIC)
2 2 52.205.53.251 14618 (AMAZON-AES)
2 2 74.214.196.131 19189 (PULSEPOINT)
3 4 38.133.127.159 22075 (AS-OUTBRAIN)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 54.208.133.106 14618 (AMAZON-AES)
2 129.158.42.199 31898 (ORACLE-BM...)
2 38.91.45.7 398989 (DEEPINTENT)
4 4 13.229.175.198 16509 (AMAZON-02)
4 4 151.101.194.49 54113 (FASTLY)
2 2 23.106.69.72 59253 (LEASEWEB-...)
2 2 8.43.72.98 26667 (RUBICONPR...)
2 142.251.12.95 15169 (GOOGLE)
1 142.250.4.94 15169 (GOOGLE)
24 23.23.180.179 14618 (AMAZON-AES)
1 1 67.202.105.23 32748 (STEADFAST)
2 2 203.195.121.141 7979 (SERVERS-COM)
1 1 8.2.111.13 46636 (NATCOWEB)
1 1 52.74.74.2 16509 (AMAZON-02)
1 2 54.84.45.215 14618 (AMAZON-AES)
2 2 52.76.94.174 16509 (AMAZON-02)
1 1 8.2.110.134 46636 (NATCOWEB)
1 2 64.120.110.136 59253 (LEASEWEB-...)
4 5 185.84.60.23 198622 (ADFORM)
7 19 103.231.98.194 62713 (AS-PUBMATIC)
1 1 18.138.18.111 16509 (AMAZON-02)
1 202.131.200.84 17941 (BIT-ISLE ...)
1 13.115.132.235 16509 (AMAZON-02)
1 52.74.118.249 16509 (AMAZON-02)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 35.214.223.115 15169 (GOOGLE)
1 1 107.178.254.65 15169 (GOOGLE)
4 67.199.150.85 62713 (AS-PUBMATIC)
2 2 35.230.38.116 396982 (GOOGLE-CL...)
3 3 35.227.202.26 15169 (GOOGLE)
3 4 107.178.244.193 15169 (GOOGLE)
1 1 18.155.68.41 16509 (AMAZON-02)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
2 2 89.207.22.73 41041 (VCLK-EU-SE)
1 1 162.254.186.187 33695 (SCALEMATRIX)
1 1 23.108.103.8 59253 (LEASEWEB-...)
1 23.108.101.160 59253 (LEASEWEB-...)
4 185.84.60.30 198622 (ADFORM)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
2 3 213.180.204.90 13238 (YANDEX)
3 3 35.186.253.211 15169 (GOOGLE)
1 1 64.202.112.95 22075 (AS-OUTBRAIN)
2 64.120.110.137 59253 (LEASEWEB-...)
1 4 18.210.87.63 14618 (AMAZON-AES)
2 198.206.157.241 399668 (E-PLANNING-)
1 167.88.158.176 30081 (CACHENETW...)
1 182.161.73.132 55569 (CRITEO-AS...)
2 74.125.200.94 15169 (GOOGLE)
6 185.84.60.57 198622 (ADFORM)
1 182.161.73.142 55569 (CRITEO-AS...)
1 51.15.145.115 12876 (Online SAS)
1 2 119.9.108.191 45187 (RACKSPACE...)
1 2 54.255.22.33 16509 (AMAZON-02)
1 1 139.162.40.113 63949 (LINODE-AP...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 18.177.71.222 16509 (AMAZON-02)
1 184.28.235.208 20940 (AKAMAI-ASN1)
1 2 54.251.140.206 ()
596 126
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
19    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
6a7a8693510e64688d1984e88de707c8.safeframe.googlesyndication.com
b4b0f54f3550d95550aa07e3c00ab93e.safeframe.googlesyndication.com
a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
6    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
ads.aralego.com
sync.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
19    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
29    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
pagead2.googlesyndication.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
20    13.33.33.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-38.sin2.r.cloudfront.net
cdn.holmesmind.com
14    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
securepubads.g.doubleclick.net
2    74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net
www.googletagmanager.com
3    74.125.24.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f102.1e100.net
www.google-analytics.com
2    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
9    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
4    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
2    18.155.68.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-27.sin52.r.cloudfront.net
adcdn.holmesmind.com
6    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
adservice.google.com
1    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
d-10192113413369493558.ampproject.net
7    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
2    18.179.87.8 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-87-8.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
11    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
9    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
partner.googleadservices.com
adservice.google.co.nz
7    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
56    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
adservice.google.co.nz
cm.g.doubleclick.net
googleads.g.doubleclick.net
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
1    104.16.85.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    3.114.40.184 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-40-184.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
9    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
16    54.228.225.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
ads.servenobid.com
9    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
2    44.240.78.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-78-82.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
11    68.67.181.211 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
32    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
1    18.140.22.207 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-22-207.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
4    210.59.219.181 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
32    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
16    34.96.119.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
9    139.162.58.205 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1471-205.members.linode.com
gocm.c.appier.net
9    172.253.118.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f105.1e100.net
www.google.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
19    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
14    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
12    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
11    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
cs.media.net
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    52.222.144.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-144-13.mrs52.r.cloudfront.net
public.servenobid.com
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
2    124.146.215.45 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    13.33.88.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-98.sin2.r.cloudfront.net
cr-p3.ladsp.com
cr-p1.ladsp.com
8    104.18.33.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    13.33.33.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-43.sin2.r.cloudfront.net
rules.quantcount.com
8    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
15    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
5    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
10    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
12    67.199.150.82 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
11    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
19    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    198.8.71.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    23.40.32.206 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-32-206.deploy.static.akamaitechnologies.com
ads.pubmatic.com
17    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
21    54.238.120.71 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
6    54.255.40.83 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-40-83.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
3    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
9    18.141.128.115 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-128-115.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    54.199.9.21 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-9-21.ap-northeast-1.compute.amazonaws.com
sync.ad-stir.com
4    35.156.8.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-8-143.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    3.228.33.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-33-18.compute-1.amazonaws.com
cs.emxdgt.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    104.18.102.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    52.192.208.41 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-208-41.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
7    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
1    13.33.88.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-118.sin2.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
2    209.191.163.210 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    34.199.170.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-170-64.compute-1.amazonaws.com
ssp.disqus.com
1    139.5.86.202 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a4732.casalemedia.com
5    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
www.googletagservices.com
3    20.212.157.225 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bi.adpushup.com
17    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    104.18.36.94 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
6    68.67.179.153 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
4    3.113.228.209 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-228-209.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    52.76.242.203 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-242-203.ap-southeast-1.compute.amazonaws.com
d.adroll.com
4    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    52.205.53.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-53-251.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    38.133.127.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
sync.outbrain.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    54.208.133.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-133-106.compute-1.amazonaws.com
sync.ipredictive.com
2    129.158.42.199 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    13.229.175.198 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-175-198.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    23.106.69.72 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
2    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net
fonts.googleapis.com
1    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
www.gstatic.com
24    23.23.180.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-180-179.compute-1.amazonaws.com
cs.minutemedia-prebid.com
1    67.202.105.23 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    203.195.121.141 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    8.2.111.13 (United States)

ASN46636 (NATCOWEB, US)
cs.iqzone.com
1    52.74.74.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-74-2.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
2    54.84.45.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-45-215.compute-1.amazonaws.com
sync.bfmio.com
2    52.76.94.174 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-94-174.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
2    64.120.110.136 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
5    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
19    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    13.115.132.235 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-132-235.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
1    52.74.118.249 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    104.18.24.173 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
4    67.199.150.85 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
3    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
4    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
1    18.155.68.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-41.sin52.r.cloudfront.net
aa.agkn.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    89.207.22.73 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin01-usadmm-ds.dotomi.com
pubmatic-match.dotomi.com
1    162.254.186.187 (Escondido, United States)

ASN33695 (SCALEMATRIX, US)
PTR: www.abcbymebath.com
demand.trafficroots.com
1    23.108.103.8 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
1    23.108.101.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
b1-sindc1.zemanta.com
4    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
asia.adform.net
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
3    213.180.204.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    64.120.110.137 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: ads.us.e-planning.net
u-sin01.e-planning.net
4    18.210.87.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-87-63.compute-1.amazonaws.com
a.audrte.com
2    198.206.157.241 (New York, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
1    167.88.158.176 (Singapore)

ASN30081 (CACHENETWORKS, US)
PTR: unknown.scnet.net
i.e-planning.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
2    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
fonts.gstatic.com
6    185.84.60.57 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
1    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    51.15.145.115 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-115.rev.poneytelecom.eu
js.cookieless-data.com
2    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
2    54.255.22.33 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-22-33.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
1    139.162.40.113 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1453-113.members.linode.com
a.c.appier.net
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    18.177.71.222 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-71-222.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    184.28.235.208 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-28-235-208.deploy.static.akamaitechnologies.com
code.createjs.com
2    54.251.140.206 (None, )

ASN- ()
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
72 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
584 KB
65 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
6a7a8693510e64688d1984e88de707c8.safeframe.googlesyndication.com
b4b0f54f3550d95550aa07e3c00ab93e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
1 MB
43 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 561
ads.pubmatic.com — Cisco Umbrella Rank: 458
image6.pubmatic.com — Cisco Umbrella Rank: 662
simage2.pubmatic.com — Cisco Umbrella Rank: 671
image2.pubmatic.com — Cisco Umbrella Rank: 882
image4.pubmatic.com — Cisco Umbrella Rank: 822
simage4.pubmatic.com — Cisco Umbrella Rank: 1110
48 KB
38 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 922
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2024
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861
token.rubiconproject.com — Cisco Umbrella Rank: 544
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 823
68 KB
32 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
16 KB
30 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 147046
fcm.holmesmind.com — Cisco Umbrella Rank: 161307
c.holmesmind.com — Cisco Umbrella Rank: 106536
adcdn.holmesmind.com — Cisco Umbrella Rank: 144780
ad.holmesmind.com — Cisco Umbrella Rank: 95735
111 KB
28 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
a4732.casalemedia.com — Cisco Umbrella Rank: 493827
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
26 KB
26 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 44139
gocm.c.appier.net — Cisco Umbrella Rank: 1971
a.c.appier.net — Cisco Umbrella Rank: 13802
5 KB
25 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 495495
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 5293
12 KB
22 gumgum.com
usersync.gumgum.com — Cisco Umbrella Rank: 1898
g2.gumgum.com — Cisco Umbrella Rank: 1324
7 KB
20 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
8 KB
20 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 899
x.bidswitch.net — Cisco Umbrella Rank: 281
9 KB
20 bg3.co
www.bg3.co — Cisco Umbrella Rank: 99821
static.bg3.co
15 KB
19 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
10 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 426
33 KB
18 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 691
gum.criteo.com — Cisco Umbrella Rank: 390
dis.criteo.com — Cisco Umbrella Rank: 631
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 20361
ads.as.criteo.com — Cisco Umbrella Rank: 15481
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 16096
24 KB
18 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15170
e3.adpushup.com — Cisco Umbrella Rank: 16671
campaign.adpushup.com — Cisco Umbrella Rank: 29370
aplogger.adpushup.com — Cisco Umbrella Rank: 16187
bi.adpushup.com — Cisco Umbrella Rank: 17664
313 KB
17 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1592
public.servenobid.com — Cisco Umbrella Rank: 3158
10 KB
16 adform.net
cm.adform.net — Cisco Umbrella Rank: 1373
c1.adform.net — Cisco Umbrella Rank: 582
asia.adform.net — Cisco Umbrella Rank: 55856
s2.adform.net — Cisco Umbrella Rank: 5398
135 KB
16 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13712
u.openx.net — Cisco Umbrella Rank: 656
us-u.openx.net — Cisco Umbrella Rank: 407
jp-u.openx.net — Cisco Umbrella Rank: 10594
rtb.openx.net — Cisco Umbrella Rank: 1473
8 KB
15 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
4 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
325 KB
13 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
8 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 554
eb2.3lift.com — Cisco Umbrella Rank: 339
6 KB
12 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 519
7 KB
12 media.net
prebid.media.net — Cisco Umbrella Rank: 1201
contextual.media.net — Cisco Umbrella Rank: 535
cs.media.net — Cisco Umbrella Rank: 1349
17 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
csm.as.criteo.net — Cisco Umbrella Rank: 15767
392 KB
10 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1720
ssbsync.smartadserver.com — Cisco Umbrella Rank: 807
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
3 KB
9 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 84382
12 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
4 KB
7 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3402
u-sin01.e-planning.net — Cisco Umbrella Rank: 190448
s.e-planning.net — Cisco Umbrella Rank: 5574
i.e-planning.net — Cisco Umbrella Rank: 5645
5 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 917
pixel.quantserve.com — Cisco Umbrella Rank: 664
cms.quantserve.com — Cisco Umbrella Rank: 615
12 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
4 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27807
sync.aralego.com — Cisco Umbrella Rank: 2762
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
237 KB
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 862
ap.lijit.com — Cisco Umbrella Rank: 599
3 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1004
2 KB
5 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 540
idsync.rlcdn.com — Cisco Umbrella Rank: 321
911 B
5 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18067
creativecdn.com — Cisco Umbrella Rank: 612
1 KB
5 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 150757
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1771
4 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
933 B
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
1 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 645
1 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 774
1 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 465
2 KB
4 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3066
ipac.ctnsnet.com — Cisco Umbrella Rank: 5115
1 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 865
3 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
2 KB
4 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 73497
1 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9020
46 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3438
1022 B
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 929
807 B
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
55 KB
3 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 471
597 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
1 KB
3 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25501
cr-p1.ladsp.com — Cisco Umbrella Rank: 118049
2 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
510 B
2 eyeota.net
ps.eyeota.net
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 714
855 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1134
1 KB
2 zemanta.com
b1-sindc1.zemanta.com — Cisco Umbrella Rank: 46844
b1sync.zemanta.com — Cisco Umbrella Rank: 531
690 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3009
744 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
1 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 618
782 B
2 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1532
598 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1902
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
671 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 924
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 801
83 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1152
596 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 510
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 665
1 KB
2 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1431
361 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1589
577 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2194
970 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 942
133 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 695
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 883
2 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
790 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3711
visitor.omnitagjs.com — Cisco Umbrella Rank: 901
909 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16217
10 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1492
63 KB
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 16779
512 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 8225
540 B
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 5458
535 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2481
589 B
1 trafficroots.com
demand.trafficroots.com — Cisco Umbrella Rank: 3773
633 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3659
463 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 434
672 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 668
586 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 840
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5822
279 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1298
230 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 19687
220 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2606
243 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 25038
652 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 5153
573 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 498
238 B
1 iqzone.com
cs.iqzone.com — Cisco Umbrella Rank: 9134
577 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 874
500 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 830
465 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1358
705 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2180
419 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 857
655 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
668 B
1 ad-stir.com
sync.ad-stir.com — Cisco Umbrella Rank: 4457
450 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 847
633 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1371
502 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 ampproject.net
d-10192113413369493558.ampproject.net
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
596 118
Domain Requested by
48 cm.g.doubleclick.net 18 redirects u.openx.net
onetag-sys.com
eb2.3lift.com
www.bg3.co
g2.gumgum.com
a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
32 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
32 onetag-sys.com 6 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
29 pagead2.googlesyndication.com cdn.ampproject.org
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
cdn.adpushup.com
a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
24 cs.minutemedia-prebid.com cs-rtb.minutemedia-prebid.com
onetag-sys.com
eus.rubiconproject.com
ads.us.e-planning.net
ads.pubmatic.com
21 usersync.gumgum.com 1 redirects contextual.media.net
public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
20 cdn.holmesmind.com ads.aralego.com
cdn.holmesmind.com
ad.holmesmind.com
19 x.bidswitch.net 17 redirects onetag-sys.com
19 match.adsrvr.org 18 redirects cdn.adpushup.com
19 static.bg3.co www.bg3.co
17 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
16 ad2.apx.appier.net 8 redirects www.bg3.co
16 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
g2.gumgum.com
eus.rubiconproject.com
cs-rtb.minutemedia-prebid.com
ssbsync.smartadserver.com
ads.pubmatic.com
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
14 simage2.pubmatic.com 6 redirects ads.pubmatic.com
14 securepubads.g.doubleclick.net cdn.aralego.net
cdn.adpushup.com
securepubads.g.doubleclick.net
www.bg3.co
www.googletagservices.com
12 sync.1rx.io 12 redirects
12 image8.pubmatic.com 8 redirects onetag-sys.com
ads.pubmatic.com
12 eb2.3lift.com 5 redirects cdn.adpushup.com
eb2.3lift.com
11 ups.analytics.yahoo.com 9 redirects onetag-sys.com
11 pixel.rubiconproject.com 5 redirects onetag-sys.com
www.bg3.co
11 ib.adnxs.com 8 redirects cdn.adpushup.com
acdn.adnxs.com
11 static.criteo.net cdn.holmesmind.com
cdn.adpushup.com
static.criteo.net
ads.as.criteo.com
10 s.amazon-adsystem.com 4 redirects onetag-sys.com
eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
10 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
10 googleads.g.doubleclick.net cdn.ampproject.org
www.bg3.co
cdn.adpushup.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
9 pr-bh.ybp.yahoo.com 5 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
9 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
9 www.google.com 1 redirects tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
9 gocm.c.appier.net 9 redirects
9 bidder.criteo.com cdn.adpushup.com
static.criteo.net
9 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
8 sync.mathtag.com 8 redirects
8 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
www.bg3.co
7 e3.adpushup.com www.bg3.co
6 s2.adform.net asia.adform.net
s2.adform.net
www.bg3.co
6 secure.adnxs.com 6 redirects
6 pm.w55c.net 6 redirects
6 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 image2.pubmatic.com 1 redirects ads.pubmatic.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 cms.quantserve.com 4 redirects a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
5 www.googletagservices.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
5 sync.targeting.unrulymedia.com 4 redirects ads.pubmatic.com
5 us-u.openx.net 2 redirects u.openx.net
5 adservice.google.co.nz securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 a.audrte.com 1 redirects ads.us.e-planning.net
a.audrte.com
cs-rtb.minutemedia-prebid.com
4 asia.adform.net googleads.g.doubleclick.net
s2.adform.net
4 rtb-csync.smartadserver.com ssbsync.smartadserver.com
4 pixel.tapad.com 3 redirects public.servenobid.com
4 sync-tm.everesttech.net 4 redirects
4 ad.360yield.com 4 redirects
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 match.prod.bidr.io 4 redirects
4 token.rubiconproject.com 4 redirects
4 rtb.mfadsrvr.com 4 redirects
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 secure-assets.rubiconproject.com 4 redirects
4 id.rlcdn.com 2 redirects onetag-sys.com
4 ad.turn.com 4 redirects
4 prebid.scupio.com cdn.holmesmind.com
4 adpushup-d.openx.net cdn.adpushup.com
4 c.holmesmind.com 2 redirects cdn.holmesmind.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 rtb.openx.net 3 redirects
3 an.yandex.ru 2 redirects www.bg3.co
3 odr.mookie1.com 3 redirects
3 ipac.ctnsnet.com 2 redirects ads.pubmatic.com
3 creativecdn.com 3 redirects
3 bi.adpushup.com www.bg3.co
3 ap.lijit.com 3 redirects
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 p.adsymptotic.com 1 redirects eb2.3lift.com
ads.pubmatic.com
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 dis.criteo.com 1 redirects contextual.media.net
ads.pubmatic.com
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 ps.eyeota.net 1 redirects cs-rtb.minutemedia-prebid.com
2 sync.crwdcntrl.net 1 redirects public.servenobid.com
2 uipglob.semasio.net 1 redirects public.servenobid.com
2 simage4.pubmatic.com ads.pubmatic.com
2 fonts.gstatic.com fonts.googleapis.com
2 s.e-planning.net ads.us.e-planning.net
2 u-sin01.e-planning.net ads.us.e-planning.net
2 pubmatic-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 ads.us.e-planning.net 1 redirects cs-rtb.minutemedia-prebid.com
2 ads.yieldmo.com 2 redirects
2 sync.bfmio.com 1 redirects cs-rtb.minutemedia-prebid.com
2 ads.betweendigital.com 2 redirects
2 fonts.googleapis.com a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
s2.adform.net
2 pixel-us-east.rubiconproject.com 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 gu.dyntrk.com 2 redirects
2 match.deepintent.com g2.gumgum.com
ads.pubmatic.com
2 sync.technoratimedia.com g2.gumgum.com
cs-rtb.minutemedia-prebid.com
2 bh.contextweb.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 d.adroll.com ssum-sec.casalemedia.com
2 ssp.disqus.com 2 redirects
2 ce.lijit.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 u.openx.net 1 redirects cdn.adpushup.com
2 js-sec.indexww.com cdn.adpushup.com
ssum-sec.casalemedia.com
2 aplogger.adpushup.com cdn.adpushup.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
cs-rtb.minutemedia-prebid.com
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid-asia.creativecdn.com cdn.holmesmind.com
2 ad.holmesmind.com cdn.holmesmind.com
2 adcdn.holmesmind.com cdn.holmesmind.com
2 fcm.holmesmind.com cdn.holmesmind.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 code.createjs.com s2.adform.net
1 ds.uncn.jp 1 redirects
1 dsp.adkernel.com 1 redirects
1 a.c.appier.net 1 redirects
1 js.cookieless-data.com s.e-planning.net
1 csm.as.criteo.net ads.as.criteo.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 i.e-planning.net ads.us.e-planning.net
1 b1sync.zemanta.com 1 redirects
1 cr-p1.ladsp.com 1 redirects
1 ads.as.criteo.com googleads.g.doubleclick.net
1 rtb.jp2.as.criteo.com www.bg3.co
1 b1-sindc1.zemanta.com www.bg3.co
1 inv-nets.admixer.net 1 redirects
1 demand.trafficroots.com 1 redirects
1 ads.playground.xyz 1 redirects
1 aa.agkn.com 1 redirects
1 pippio.com 1 redirects
1 idsync.rlcdn.com 1 redirects
1 csync.loopme.me ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 cs.krushmedia.com 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 match.sharethrough.com 1 redirects
1 cs.iqzone.com 1 redirects
1 ssc-cms.33across.com 1 redirects
1 www.gstatic.com a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
1 sync.ipredictive.com 1 redirects
1 sync.adotmob.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 a4732.casalemedia.com cdn.adpushup.com
1 pixel.quantserve.com www.bg3.co
1 cm.adform.net public.servenobid.com
1 sync.go.sonobi.com 1 redirects cs-rtb.minutemedia-prebid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 sync.ad-stir.com contextual.media.net
1 rules.quantcount.com secure.quantserve.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 b4b0f54f3550d95550aa07e3c00ab93e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 6a7a8693510e64688d1984e88de707c8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 campaign.adpushup.com www.bg3.co
1 d-10192113413369493558.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 cs.admanmedia.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 stags.bluekai.com Failed contextual.media.net
ssum-sec.casalemedia.com
g2.gumgum.com
596 194

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.google.co.nz
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-01-15 -
2023-01-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
ads.us.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
cs.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh

This page contains 100 frames:

Primary Page: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Frame ID: 7F07CD841DA3D618B3AD7B2A94058114
Requests: 101 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: A2F2CDD4525C1FF3C35D45C36E32306F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: F80A360CB5BCED52C535FC6F132E3DED
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 019D0807A04D79FD31161A167D60424A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 47A3EA9EFD5EBA1702551BDEBBF48B6A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 2B9B2B1434467129BA0A6ECB64C9BA41
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: E2CC9561E02CB82A990EBFF4F0C48206
Requests: 25 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: C81DF90C14D8B42BD845E4EC241708A0
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 5DF5F5B699CC5F74F718812F39604529
Requests: 22 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 82B8C4374FE15FA95DB7F86EA1F68030
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: C8310CE7C1E06CF3B09102D477C6E987
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-322659510411454245&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3222&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=3870&ga_cid=amp-jsBsJgrUGeAZwKr_cIZSWw&ga_hid=3870&dt=1668614142706&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&bdt=4728&dtd=685&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: E43D24C8A4FA74F84093ACD174383CE5
Requests: 1 HTTP requests in this frame

Frame: https://6a7a8693510e64688d1984e88de707c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FC8D2EAA9933F3B0F3E60424B5419CBD
Requests: 1 HTTP requests in this frame

Frame: https://b4b0f54f3550d95550aa07e3c00ab93e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AAE513E45082C8DD88C4E6A74A7BA77E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 55FA7BF283EF4BB5FB43C431B57AA2B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DDD026D803E4443AB3935CA7BFAB9903
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2001282012A7FC4EC22C5AE848A27D4D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 30BCB2F96C09C12276AD235E5F4FFF64
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 54B1D67082DDDB11474D2237B1C1D5EC
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D336575830F4F636A20831B3C1353973
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: ED579ADEB5AD9B4C58691147297A19D4
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 428278ABD6D99CB7B70FEAEF8ECEF5BD
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 02C16010713C05FB6C3F51A66E227AE3
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 5D44520842B4AED3FC8F35F9D63EB647
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 943B2075950630F45C69D1F59DB9961B
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1668614145957
Frame ID: 8BF1C1312B7E18A1A821D3CAD1E80B0B
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: C75BCBE80759E080F8A17B131AC5AAD7
Requests: 10 HTTP requests in this frame

Frame: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 67731C550CA10698CB60D3A469C4A7FE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 95CF936BF8432605E650398814686C2F
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 8F04F1949EC2C35F115FED5D2CFBEC0C
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 868223745D0336C9EC7F7A1CF3325D73
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3116157497443797000V10&type=rkt&refUrl=&vid=86141500903116157497443797000V10&ovsid=1973209966069815918
Frame ID: 182BE21FBA21F4936B56593047BE4821
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Frame ID: D9BA6BC4BBBC09007DA66D72F4F43C3F
Requests: 17 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 9345C8EB2A6D56B95A650765BF3572BE
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 00172B375DAF2089613EB1D3A403505B
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 93311EABE82CF759B3F620D4BF004A71
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 284F6B6D415A348CC4024DD3B89FB841
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 8EAB9A8D26002F591AD890E2F650AA9E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 3C5392DAEBF0073C93F3350ED09FB584
Requests: 6 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: ADEC71E4038B8DFFCFB66C9F0AFDA405
Requests: 27 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_ZZcM1kw4C6RerkUP-rmJI4YiXjiQfCNcJD_1Vb6-hsNQ8f2OGMDai3zEn9ST9vaaUlqgwhhdF8wkqKqDAY71gcQnSuFqD4_xvQLFmJIn7RRG3-q-l9OL25kqjtfRlcgPA2ngegArg6IcAZFVQl3qlG_6rB-doffgMFedmxtsmGC77UrhULGI9oTY8-lvfBKBV_VKeZudQIprk-Lf8PhgkX4OUBIATU5gu--m0u7LnFpsFXX5Vvh2Ca_20HeftdQGrxqDaLFeEMx1cEacGQ4mQ648j1xpaeGVeQLA99C3D9PJgIICc0i--0mT&sai=AMfl-YQp3tQVp4y4UGy_2qrUtz2eDwHVryl7swVLtGmN_0B7SiWWI5nPPHWwb2KPs5FcqiWUt7vcYlH44ao_GZgFTGuVCslr3LVH_C6DbAZ4Ae-Rijaz-0_PbbdnHPfUb340&sig=Cg0ArKJSzAxP9EkoMByeEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 63637E5044DAE322B26D967F76895FE8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Frame ID: 6E6024535017ABC96C8BDE5BAA86E0D4
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: DDCD94E9385B213CDD3B1EED09404C34
Requests: 12 HTTP requests in this frame

Frame: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 36D5B9848B3E1645109DCBE5BB1413C8
Requests: 19 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Frame ID: E7EBB3EBA3B53138E9DEE0A564B4AECF
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: AD3E08BC1C43A14DBC7239E92580B38D
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=11fe43f3-fdaf-4e93-a99a-20f132d88aae
Frame ID: BFA3E9A5D97603D2EB0213DA751115F9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
Frame ID: 477BB5FE79032B3210410C180F7C5B2F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y3UIBwAIIFR7WQAW&gdpr=0&gdpr_consent=&_test=Y3UIBwAIIFR7WQAW
Frame ID: 7ED4FDD93FAA56A5CF7CEB6DB0B7962F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hNjM2Y2JlNy04Mjc5LTQ5NTgtYjg5MC1hYmUwZGJiZjFhNDk=&gdpr=0&gdpr_consent=
Frame ID: EA030368D2A61CC61470DC29CA0AD455
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 97A2784A7276A0AA9CD37D8AA082EBDC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y3UIB8Co8YkAAFKwnfYAAAAA
Frame ID: 703BF7AA20EB8C4299EE3824A1B0DC7E
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: 75A0ED153157DB0B72DB0ECCD747F3C8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y3UIBqQdqjPD9BouCJPzsQAA%265332
Frame ID: A478CC2562E674A53213625F3557AD2F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=lUNiwk7HDFS1zHnbAq8u&pi=gumgum&tc=1
Frame ID: F488B9ED22BAAEB848EF676D717725DC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 3946A2AD5C483D527849734A579F4F01
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Frame ID: CB0390AAAB81F49B048BC0EB7EB3A273
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Frame ID: 265E8D270C45DC89547CB659F64C2F4C
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Frame ID: 654298D08E7444D6494E260C5C7894D9
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: 76CCEAD20CF93282ACF411583227E62D
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: F96E9D0AFC29B1B08BE741A06ED70D5F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 990AD0CABA46231F0FF4BEFD3033024C
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=
Frame ID: A83362F4CE1F88F4F0F9490800158F83
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
Frame ID: C17A19CF819EBD3713C80113DD7D88E1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Frame ID: F9D916225065374DD6835BF7DCD4C6BF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Frame ID: 078A09392AC9C117B1255E8BC8A86FD1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8kcuDvRMKQ3pF3xY_Bc0XaURLwvpTCEPoRepltCf
Frame ID: 4EDD8E329CC97E299D02986182794676
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Frame ID: C4E428D9F7F6F903E9B2D4C7E5277C4A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3526AB44C15E6B4947042D4965E42B1F
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 2007969DD341E9B02C1F7F6797443EA4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qgkN3Z13Cr2A-srsBAh1Yw
Frame ID: 0A4B98A7036B013BD8E875BEFBC361D3
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 73391DE98C2B9D6EB8B31F7A8802EDE7
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 0B21E127C77E39BDFE7B5178687231F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2efa6d9d710d4719bfbe9d1fb3130b25
Frame ID: 83EDF96ED3D62AE75D6EEA355006C159
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=B9DA278A-8A84-4BF3-988A-978B8497E325
Frame ID: 74FD3DE6FCB140E067D273B922DD0DA6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HCIqNVSG1OVkLt5&gdpr=0&gdpr_consent=
Frame ID: 1AF7A8DAB6897741511B79E4D0E973D0
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
Frame ID: 24EB158A909C3B105D80886E8D41BBE3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 3A91B461276C4C0E9733C407D915AAC4
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 7486E24277BB51DB1F68E563DDBB24D0
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 0CBF30D75593282B6B91633EDC6DFB02
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: F675B0A3523B9DB957DB75CAED06D54D
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: BDBB9F30F665FA1B4AD43D1FB5D92646
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=pba&refUrl=&vid=86141500903116157497443797000V10&ovsid=B9DA278A-8A84-4BF3-988A-978B8497E325
Frame ID: 4BEAD5B8DFF2B4E94AA0409363859CA2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8647F18F88D5EAF8EA7E0CCEECDB00E5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CEcfHBwh1Y8D_HoHovgTR5pjABP--iZltnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBK4CT9Duy86SXnfGfmyBxh3T6bwbmL3_uPw3MHcKr0V8fuWYOwPOd32Sz0SJupghUxPZLOsMG8ShGOzQ5IgJdfOLEVaB78bKsW8gKLCyxn3wBUAaPfSF-JA2WHwI_ymjqlD_-1Fa2Zy9kMdeCLgjtAxVWb6g3VGWTp_lQjgmHvEz0VtNjbCCEUASzDCilmEWR8imB9-LEhAxU3n3t5L6D3GhSYxOR3lK6PMH2pSrmSMH1eEEyOxipQ1HpPtQYrpbwSB8ko5H4QPzaSfuHu_f7VfvbP5sKcFiOTNky5Yts8FsYm7ZNirVLGoxhzUnsteujkuhXhMnV_eSZiJeNO0xREsKOmqzWFemAt4abJy4heoQLvi1kEOoWkJwbubt08sZCEEu9QS-jKkkGfPObfQ6JdyABszoi6enmM30KKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=XILPsdhFPcc&uach_m=[UACH]&cid=CAQSOwDq26N9AmrM0d_otEJ_jio4_u_thRhDEr_vcea2UWtuaQflsYqgqBgDyM6yw62q16IGMs-jZBaNueuGGAEgEw
Frame ID: 234718281474C97368490AF3F3D17CE8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C42GGBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtAJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxw_0EEzl-0olIqIpQBScZYt8qZ8lmJcSNhPoS-2eSoiHNjpeZqYo4AG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=_mZNSARIWa0&uach_m=[UACH]&cid=CAQSOwDq26N97bIndMp5PXJBSdK5IS1ISUx0vzEr7-HHVnqKrp8XrTUd4kChIbOLAXwfRfaU7b6tShcNVfPzGAEgEw
Frame ID: 77BFC16616BB98C2D4B2E3AA6EBC5F03
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ&u=%7CT%2FaWT8rIpropSBH7062x2SgL1kVyo6Z%2FPVuPyjBqaP0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq9RW7f92aDsJAFO9dBzkeQNFN5BR1Vgob7TsNRk99YtT4vYtJqcLC1QOOC9LkMQtrjhZ5xxHggLOd3rCbHb_9BE87YmyL31r5U2YElwczLOxNVMmHIe0AXLXhzjX-51B-tU7oPRlMTmWqkE0qM97wnuKRy7tFOvxDEm8zxqRLyUvb2iI7iFBqvhIJdKRZFd0vLVGVAm4PcSdQ8I_YDHtuYRudTWmft6FPyroWx2kp8vjutolsg0GAVwtMiEXspNDgGIPQNqu2NmvxDITWGjJBQ_JDzLG5HoCkSdyb0Garp6R2nWK0-Yn7iJgdi_ssos8CDc-Fs1FNBrQslTVfVJCCTNveGZT3zmundlf0QNI0-OYXe7JlzqNmG0CDWd8MMtdd2M_8yXi1g037UzjlgsyiZP_VW8e7iVGyWe5C2lINATACTsbARTP0kQK-QY33dmWADqLcXaCFpQXxLZggqFZJQjnJLu-q7pBrBHcCAIopGe7H7uAXGhOA1cQ_xY45F_8uypByhPznq4BDgCDoks3_hxUXCdr_HrfB9wY_0Yc3nq4SCxHL8MV1eE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHFXEBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtwJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxx90mChciOh6nUB1J65Jwzu27J2AWhyUDDHUnkssJQ8MMAOkgvmXEPkGoAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2M-nfxe0udhxLEpg65e5sgBKftFQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 1E91604201A815CAD93717533BC0210A
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 595C24115241FC27FEA6548600BBF668
Requests: 9 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 39882E3CA6444C2867B0EADEA33DE8B1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 2BFF60EADAA7A19C784BEBDB1753D1F5
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: CF1322F585E1E049B0FAE68FE734DC68
Requests: 2 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21506&id=AOMZZHoP0mUaSIRU
Frame ID: 79393D2200C3BFA65C22E4A61C4ADB96
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 8DB9A3E8C2C3E5F3469DBDEBC0A56D61
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=B9DA278A-8A84-4BF3-988A-978B8497E325
Frame ID: 34D6056AD0E33AD9E39C7C549D32642B
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Frame ID: AF2BDCECFF65CA688C65FFE5CD37BABF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 097A2A1F97C8C330E80F76FCB3E9312B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 316FB8ABF0CF03CD46AD79C06F6584CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A667918FF2F2AE3918702B5932E9CC70
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=B9DA278A-8A84-4BF3-988A-978B8497E325
Frame ID: 0295DC1D35EC03F3014EB6570F0D0A0E
Requests: 1 HTTP requests in this frame

Frame: https://s2.adform.net/Banners/Elements/Files/2111416/11240091/11240091.js?ADFassetID=11240091&bv=513
Frame ID: 537DFE0CF5ED6DA10CD5F06EBA7E0CC4
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

蔡宛珊認愛「臺灣女藝人老公」! 失婚1年淪小三…正宮林家璜FB狠打臉 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

596
Requests

69 %
HTTPS

0 %
IPv6

118
Domains

194
Subdomains

126
IPs

15
Countries

4069 kB
Transfer

9625 kB
Size

231
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Request Chain 57
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 59
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 146
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=CvmJ1HPTDmW7aavoBAh1Yw
Request Chain 147
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=WhXV3MXbDj6ds_uzBAh1Yw
Request Chain 148
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dng5u5JvCROM1F4_BAh1Yw
Request Chain 149
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=IApQied7CE6o5oAwBAh1Yw
Request Chain 150
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=xsH8QQ_6CU661UQiBAh1Yw
Request Chain 155
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=lqDE3o96B3u4-eGDBAh1Yw
Request Chain 162
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=jTv2CBnSAsm65ILQBAh1Yw
Request Chain 163
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=qgkN3Z13Cr2A-srsBAh1Yw
Request Chain 178
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 187
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3732945120016780590&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 188
  • https://match.adsrvr.org/track/cmf/openx?oxid=d1b42d14-f077-7797-da21-48f033f67b8a&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=d1b42d14-f077-7797-da21-48f033f67b8a&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=11fe43f3-fdaf-4e93-a99a-20f132d88aae&ttd_puid=d1b42d14-f077-7797-da21-48f033f67b8a&gdpr=0&gdpr_consent=
Request Chain 189
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y3UIBsCo8YkAAFKwndoAAAAA
Request Chain 190
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfHVCNw7kvEtks8ADv76RGwpcM8AAAGEgSdZZg
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOX409EBieF_pAjxKda-eJQ&google_cver=1
Request Chain 194
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 202
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=57866375-0806-4600-9887-67e19f4ea373&gdpr=1&gdpr_consent=
Request Chain 204
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2619822817631859109
Request Chain 206
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnWCBxTHXplg0k6HrqErLYqHrY6OEoCg
Request Chain 208
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCIaQ1JsGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 209
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
Request Chain 213
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
Request Chain 218
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 219
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Drkt%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3116157497443797000V10&type=rkt&refUrl=&vid=86141500903116157497443797000V10&ovsid=1973209966069815918
Request Chain 221
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dapx%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=apx&refUrl=&vid=86141500903116157497443797000V10&ovsid=2619822817631859109
Request Chain 222
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dopx%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3116157497443797000V10&type=opx&refUrl=&vid=86141500903116157497443797000V10&ovsid=1998448b-5b77-4d77-b96e-369e8119e956
Request Chain 223
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dmma%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=mma&refUrl=&vid=86141500903116157497443797000V10&ovsid=98466375-0806-4f00-8e5d-7a4fc39ae493
Request Chain 224
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dr1%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dr1%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3D%5BRX_UUID%5D&cb=1668614150948 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6202773772 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/11fe43f3-fdaf-4e93-a99a-20f132d88aae HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzExNjE1NzQ5NzQ0Mzc5NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENhFZN186qflJV34LBaGWD8&google_cver=1
Request Chain 226
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Ddxu%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Ddxu%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=dxu&refUrl=&vid=86141500903116157497443797000V10&ovsid=2U41HBD41OVkLs5
Request Chain 228
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171250450&expires=5 HTTP 302
  • https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=705b2411-319c-4b14-a843-22ef020a85ca
Request Chain 229
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dzem%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=MsWwf8IHFHnZv0DRHR-J&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKNONLXOZRYJFEEMSDOLJ3DARCSJBJC2SRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DMMJUGE2TAMBZGAZTCMJWGE2TONBZG42DIMZXHE3TAMBQKYYTAJTWONUWIPJTGEYTMMJVG42DSNZUGQZTOOJXGAYDAVRRGA
Request Chain 230
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3116157497443797000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3116157497443797000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=10bd117c-8581-4213-9501-2a374f797a90&cs=1
Request Chain 232
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
Request Chain 233
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&dongle=0cfd
Request Chain 234
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgyNDU1NTg2NTYwMTg0ODI1ODIwMQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBnoDnnaZoVkC_27qT-7U7k&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 236
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgyNDU1NTg2NTYwMTg0ODI1ODIwMQ%3D%3D
Request Chain 237
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3824555865601848258201&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3824555865601848258201&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a8ab257c-0f44-4d07-bbdc-d834e408ba20&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a8ab257c-0f44-4d07-bbdc-d834e408ba20&_noobservation=1&_expected_cookie=f07396575e40f920f1db22ee5985d64d
Request Chain 238
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3824555865601848258201&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3824555865601848258201&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=04c0247e-e01b-4cc3-83cd-420f5cb029ca&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=705b2411-319c-4b14-a843-22ef020a85ca&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 239
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3824555865601848258201?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-yoRDJLxE2oRBn0OAXs2q7NWyWJO3Oi41p2qaBGLEng--~A&dongle=0883
Request Chain 240
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3824555865601848258201 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3824555865601848258201&dcc=t
Request Chain 242
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2619822817631859109&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 244
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kN3qvAmMTZWrAhoz1Mu2kA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kN3qvAmMTZWrAhoz1Mu2kA
Request Chain 245
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWY1OGU0MzRjMjcwODA2MjRhMmI3MzBhZjJjNzIwMGE5ZjQ5OTM0YQ
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKUUsxao3CrbgEzTxaIlVPA&google_cver=1
Request Chain 247
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJTS2X6-O-7T07
Request Chain 248
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=&expires=30
Request Chain 249
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vRArkAYbT1qfJV-E-PoO4g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vRArkAYbT1qfJV-E-PoO4g
Request Chain 250
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zZA3qTSmdRRbRfMow9UTHQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5824054178760376436
Request Chain 251
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKVFMyWDYtTy03VDA3
Request Chain 259
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 262
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2619822817631859109
Request Chain 263
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FqV7ERZH4bTf5-KeT3KD7DYS
Request Chain 264
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FqV7CLZHjqU-OgFCQc6Tkmfl
Request Chain 265
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668614150948 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2767501738 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/11fe43f3-fdaf-4e93-a99a-20f132d88aae HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
Request Chain 266
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1975180290104658928
Request Chain 267
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=5184bf1c-c6e7-4bf4-ac4a-e0d1237018c7
Request Chain 268
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F36468%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 269
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
Request Chain 270
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-d048e3e4-f726-324c-b4e7-cad8247aa29d
Request Chain 271
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBVb-kyyvWcaSJXcAmGSOhc&google_cver=1
Request Chain 283
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=11fe43f3-fdaf-4e93-a99a-20f132d88aae&expiration=1671206151&gdpr=0&gdpr_consent=
Request Chain 284
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3UIBqQdqjPD9BouCJPzsQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENJsNqQIz8BNySxSbuQOx1Q&google_cver=1
Request Chain 285
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&dcc=t
Request Chain 286
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2efa6d9d710d4719bfbe9d1fb3130b25&expiration=1671206151
Request Chain 287
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB
Request Chain 288
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=QxzamAmPTWC3jVM_z9vS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2ULYPJQW2QLNKBKFOQZTNJLE2X32HF3FG
Request Chain 289
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684252551&external_user_id=e2681fb2-698f-4fb6-8d88-fc0850f953e6
Request Chain 306
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2619822817631859109
Request Chain 307
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEhNU7G6hAAAB9n8RVSnQ&expiration=1669823752
Request Chain 308
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3732945120016780590
Request Chain 309
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=086122041975a554618cf97e&expiration=[EXPIRATION]
Request Chain 310
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3UIBqQdqjPD9BouCJPzsQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENJsNqQIz8BNySxSbuQOx1Q&google_cver=1
Request Chain 312
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HCIqNVSG1OVkLt5
Request Chain 317
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnXFxtaUk5vTXPzMn_E8EQf4T_YYidDQ
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
Request Chain 320
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
Request Chain 321
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LAJTS2X6-O-7T07&gdpr=0
Request Chain 322
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2619822817631859109
Request Chain 324
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=8311656690547555136
Request Chain 325
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
Request Chain 326
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Request Chain 327
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
Request Chain 328
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
Request Chain 329
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=vMmZKbrCniqnmct_spmDeuufmCynwpYo75nVXR9U HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 341
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2619822817631859109
Request Chain 342
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_a636cbe7-8279-4958-b890-abe0dbbf1a49&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D705b2411-319c-4b14-a843-22ef020a85ca HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=HCIqNVSG1OVkLt5&expires=30&ssp=gumgum2&bsw_param=705b2411-319c-4b14-a843-22ef020a85ca HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=705b2411-319c-4b14-a843-22ef020a85ca
Request Chain 343
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-188f12ba-dbfd-4929-63b3-9f0119446c8b$ip$116.90.74.197
Request Chain 344
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_a636cbe7-8279-4958-b890-abe0dbbf1a49&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=VxIyNl3vAOXIjjM_qlT5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VTYJF4U43BTOZAU6WCJNJVE2X3RNRKDKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Request Chain 345
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6095151003 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/11fe43f3-fdaf-4e93-a99a-20f132d88aae HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
Request Chain 346
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=HdfX6VhaSwVQ&ev=1&pid=558355
Request Chain 347
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%285Wk5tO34SYujKQoTPcQttIMWAR3ddV9wyv3_2JnMi86VgXNUX3feGY0iszPRBZGz%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%285Wk5tO34SYujKQoTPcQttIMWAR3ddV9wyv3_2JnMi86VgXNUX3feGY0iszPRBZGz%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_a636cbe7-8279-4958-b890-abe0dbbf1a49&obuid=ENC(5Wk5tO34SYujKQoTPcQttIMWAR3ddV9wyv3_2JnMi86VgXNUX3feGY0iszPRBZGz) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=lUNiwk7HDFS1zHnbAq8u&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
Request Chain 348
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=26898964-d862-4fc1-bd5a-581dfba67acc
Request Chain 349
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Y3nN_MFE2pcMTwGfFFj938QYIgkRMr2NfoHh~A
Request Chain 350
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=921a6151-3110-4680-89a6-307395445772
Request Chain 353
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=0cd6dd90-289f-4e28-8225-ce4c1ecf1e22
Request Chain 354
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4594210909283810098
Request Chain 357
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=11fe43f3-fdaf-4e93-a99a-20f132d88aae
Request Chain 358
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
Request Chain 359
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y3UIBwAIIFR7WQAW HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y3UIBwAIIFR7WQAW&gdpr=0&gdpr_consent=&_test=Y3UIBwAIIFR7WQAW
Request Chain 362
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y3UIB8Co8YkAAFKwnfYAAAAA
Request Chain 364
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y3UIBqQdqjPD9BouCJPzsQAA%265332
Request Chain 365
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=lUNiwk7HDFS1zHnbAq8u&pi=gumgum&tc=1
Request Chain 366
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 368
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2619822817631859109
Request Chain 369
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3732945120016780590
Request Chain 370
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=98466375-0806-4f00-8e5d-7a4fc39ae493
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBVb-kyyvWcaSJXcAmGSOhc&google_cver=1
Request Chain 372
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ZcRZoWPPXqJ-lAv3a5RD8jKSWKR-z1agNpRyp3OI
Request Chain 374
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63750807f3fd6&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63750807f3fd6
Request Chain 380
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LAJTS2X6-O-7T07 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LAJTS2X6-O-7T07
Request Chain 381
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LAJTS2X6-O-7T07 HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAJTS2X6-O-7T07
Request Chain 396
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnhtPIdhDRBBiVATIIiDiTMPPfvFo HTTP 301
  • https://tpc.googlesyndication.com/simgad/6221982920796084867
Request Chain 401
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=f923dc9a-6567-4b89-a6ec-3fb9ed616181
Request Chain 402
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212030491315847
Request Chain 403
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=deb4ef0b-d43b-5440-948c-f28df7f9fa85
Request Chain 404
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-d048e3e4-f726-324c-b4e7-cad8247aa29d
Request Chain 406
  • https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21508&puid=854752fd-7b64-4b91-afd8-ee7fb5c719d7
Request Chain 408
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y3UIBqQdqjPD9BouCJPzsQAA%265332
Request Chain 409
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=3824555865601848258201
Request Chain 410
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F19789%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253Dcc4de2f7-fe76-4125-8caa-605e758cd934%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3DB9DA278A-8A84-4BF3-988A-978B8497E325 HTTP 302
  • https://prebid.a-mo.net/cchain/0/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=B9DA278A-8A84-4BF3-988A-978B8497E325 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/2/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=index_rtb&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=Y3UIBqQdqjPD9BouCJPzsQAA%265332 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/cchain/3/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=triplelift&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=3824555865601848258201 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/5/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=2619822817631859109 HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/6/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=zeta&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=ua-d048e3e4-f726-324c-b4e7-cad8247aa29d HTTP 302
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/7/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=sovrn&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=FqV7CLZHjqU-OgFCQc6Tkmfl
Request Chain 411
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=48edcf10-8fe5-48c3-a2b9-510773f5f16f
Request Chain 412
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=0cd6dd90-289f-4e28-8225-ce4c1ecf1e22
Request Chain 413
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=1486928c-dd63-4acc-9bc7-833b807b2d20&gdpr=0
Request Chain 414
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004&rndcb=1290774062 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=705b2411-319c-4b14-a843-22ef020a85ca&google_hm=NzA1YjI0MTEtMzE5Yy00YjE0LWE4NDMtMjJlZjAyMGE4NWNh HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENE0ZSlih2_0_Qtj-d71TSM&google_cver=1&ssp=adconductor&bsw_param=705b2411-319c-4b14-a843-22ef020a85ca HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/705b2411-319c-4b14-a843-22ef020a85ca?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
Request Chain 415
  • https://sync.bfmio.com/syncb?pid=186 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
Request Chain 416
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=HdfX6VhaSwVQ&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Request Chain 417
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=4594210909283810098&gdpr=0&gdpr_consent=
Request Chain 419
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=B9DA278A-8A84-4BF3-988A-978B8497E325
Request Chain 420
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=b30aa90c280450af725a35668da26886
Request Chain 421
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A&gdpr=0&gdpr_consent=
Request Chain 422
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=ge2fd786148b14393a1b&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 423
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=FqV7CLZHjqU-OgFCQc6Tkmfl
Request Chain 424
  • https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21501&puid=61fe60c6-fc2a-4731-8fdd-4a5bd65a6cdb
Request Chain 425
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=2619822817631859109
Request Chain 427
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Request Chain 429
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 431
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=
Request Chain 432
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
Request Chain 433
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y3UIBwAIIE57jAAW HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3UIBwAIIE57jAAW&gdpr=0&gdpr_consent=&_test=Y3UIBwAIIE57jAAW HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Request Chain 434
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xu7mybg2wp1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Request Chain 435
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8kcuDvRMKQ3pF3xY_Bc0XaURLwvpTCEPoRepltCf
Request Chain 436
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2619822817631859109&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Request Chain 438
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eOQJjkANSEtOqZH-bP8om3RaSsU HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 439
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qgkN3Z13Cr2A-srsBAh1Yw
Request Chain 442
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2efa6d9d710d4719bfbe9d1fb3130b25
Request Chain 444
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HCIqNVSG1OVkLt5&gdpr=0&gdpr_consent=
Request Chain 445
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6324319043 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/11fe43f3-fdaf-4e93-a99a-20f132d88aae HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
Request Chain 447
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 452
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=udonioqES_OYipeLhJfjJQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 453
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B9DA278A-8A84-4BF3-988A-978B8497E325 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8a192713d59282b76d7a0cb4ad339a5686352375c8caff40aebe1af83f26c670791426b5417dce21&_=2 HTTP 307
  • https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Request Chain 454
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=98466375-0806-4f00-8e5d-7a4fc39ae493
Request Chain 455
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjlEQTI3OEEtOEE4NC00QkYzLTk4OEEtOTc4Qjg0OTdFMzI1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 456
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHm-udfz-8Bx-wXuBrZQYEo&google_cver=1
Request Chain 457
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E547AB7B174C4CEEB075D3465A32E5D7 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Request Chain 459
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
Request Chain 460
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B9DA278A-8A84-4BF3-988A-978B8497E325&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7h8CPYhE2uXn32hd6D0XQXyPIKVmeBM-~A&gdpr=0&gdpr_consent=
Request Chain 461
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=705b2411-319c-4b14-a843-22ef020a85ca&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525334544038896284&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525334544038896284&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=672e7c2f-6f33-41e2-a9f7-921b60972fc6&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525334544038896284&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209510804337004603120&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525334544038896284&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 462
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8442255637575501824
Request Chain 463
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2619822817631859109 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 464
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3732945120016780590&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 465
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=59e9d1c63e842266&is_secure=true&networkId=17100&version=1&nuid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQiLXkAWVogM8IfPvAAAAAAA&expiration=1668700553&nuid=B9DA278A-8A84-4BF3-988A-978B8497E325&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 467
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=ce90507737&gdpr=0&gdpr_consent=
Request Chain 468
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d76406e9-6013-4519-9243-ffa17fb64165&gdpr=0&gdpr_consent=
Request Chain 469
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dsmartadserver%26bsw_param%3D705b2411-319c-4b14-a843-22ef020a85ca%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=615cda2e756a42b0a3a43ad001103551&ssp=smartadserver&bsw_param=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=
Request Chain 470
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEhN07G6hAAAB9n8RVSnQ&gdpr=0
Request Chain 481
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 482
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnX_ENGRaDJHkjd4O50XRejhQYSrlQ5g
Request Chain 484
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=46qQidORhfV6JbEkUQHEa_Zu23vExwvrtyHoIJYO6wE
Request Chain 486
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=1&gdpr_consent=
Request Chain 488
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2619822817631859109
Request Chain 492
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
Request Chain 494
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
Request Chain 508
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=ASkJ3Fa-LYthhlzqMAD-fIj_N7v6u0peyvtGmjZUwqHiB2LN5aoTC0NH77-LTRO7Ubev7dKXuOdZgEjoYP3YSTbph4pEcxILe57nhN4bpzwAPR5AvAUHKk6DStTy-gbNsSnJTwTtKeShaXEeYBweJzrmCSQ&google_gid=CAESEHwqA_RDZ6arH8YWEwcV6Mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3Fa-LYthhlzqMAD-fIj_N7v6u0peyvtGmjZUwqHiB2LN5aoTC0NH77-LTRO7Ubev7dKXuOdZgEjoYP3YSTbph4pEcxILe57nhN4bpzwAPR5AvAUHKk6DStTy-gbNsSnJTwTtKeShaXEeYBweJzrmCSQ&google_hm=AZ9yX7jNRq94ks8ADv76RGwpcMA
Request Chain 509
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELgUJBQADQVj0iqjBPDCcyQ&google_cver=1&google_push=ASkJ3FaRJ-1iXqc9zCPar6eRScUaKvMGIcEtpq1jKA5J6CrTkLqbylM_hQhBLcJDJFnxqUIGvMN30UK49IXFQRd1CeQ0nx3UmmYuuCOk8jT4h2OKWRoexhHmUuKkw5bDQWtaYCdJSqkH1Lx8KQ6wYGk15j0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaRJ-1iXqc9zCPar6eRScUaKvMGIcEtpq1jKA5J6CrTkLqbylM_hQhBLcJDJFnxqUIGvMN30UK49IXFQRd1CeQ0nx3UmmYuuCOk8jT4h2OKWRoexhHmUuKkw5bDQWtaYCdJSqkH1Lx8KQ6wYGk15j0&google_hm=cFskETGcSxSoQyLvAgqFyg==
Request Chain 510
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELdrmG_SXp58ngf-9QbNnYM&google_cver=1&google_push=ASkJ3FbJJib4X6NWz5PWNOD26oq8WVy0Gfl98wSxtrM_HaG_Y-me9g7jZhn2cR0kqsva9QbiJhAkJ7DcwvpUUfjXcgcKa5XZHGFCgnRI_fQckGhuGjP5RLZH7l9RT29Cyg4aavr_57_vEIscJ9rb8dpgu98 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELdrmG_SXp58ngf-9QbNnYM&google_cver=1&google_push=ASkJ3FbJJib4X6NWz5PWNOD26oq8WVy0Gfl98wSxtrM_HaG_Y-me9g7jZhn2cR0kqsva9QbiJhAkJ7DcwvpUUfjXcgcKa5XZHGFCgnRI_fQckGhuGjP5RLZH7l9RT29Cyg4aavr_57_vEIscJ9rb8dpgu98 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA5OTk0MjU2MTc3NDI0MDIxOQ&google_push=ASkJ3FbJJib4X6NWz5PWNOD26oq8WVy0Gfl98wSxtrM_HaG_Y-me9g7jZhn2cR0kqsva9QbiJhAkJ7DcwvpUUfjXcgcKa5XZHGFCgnRI_fQckGhuGjP5RLZH7l9RT29Cyg4aavr_57_vEIscJ9rb8dpgu98
Request Chain 511
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOrLVcGCGrXsXFDd_g7_GV4&google_cver=1&google_push=ASkJ3FZWfscVvWrnxRids5cg0vLaQmD5p1hjFYf98ePzAQl7TWz-B5CEPsJi4yprYIVa--Y1YKiQNFGBhjEDTuSCZ5QAbM_EHDxerTiaWe-2MPa_lKEUGkE4Ja0b8_ILmzJP9hTkLsgz4vY3Mvyk188y3AE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKVFMyWDYtTy03VDA3&google_push=ASkJ3FZWfscVvWrnxRids5cg0vLaQmD5p1hjFYf98ePzAQl7TWz-B5CEPsJi4yprYIVa--Y1YKiQNFGBhjEDTuSCZ5QAbM_EHDxerTiaWe-2MPa_lKEUGkE4Ja0b8_ILmzJP9hTkLsgz4vY3Mvyk188y3AE
Request Chain 512
  • https://an.yandex.ru/mapuid/google/CAESEK4T3fPaQ309T5f9XBrtg3o?ext-param=ASkJ3FbN6UVynKUY1wu-ViPTZVGKsBrRpHn9pF0jK5dhXcZvJEN2oVA4Jtulh-iXIm_ZUprEe3VMwa5kTmodrhHWhut-AARHAEpkm7IfVWjHZBb3iqogbrv-6iIEjWLYkzVC3QNIBwfE8PCskarFy07xrKg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEK4T3fPaQ309T5f9XBrtg3o?redir-setuniq=1&ext-param=ASkJ3FbN6UVynKUY1wu-ViPTZVGKsBrRpHn9pF0jK5dhXcZvJEN2oVA4Jtulh-iXIm_ZUprEe3VMwa5kTmodrhHWhut-AARHAEpkm7IfVWjHZBb3iqogbrv-6iIEjWLYkzVC3QNIBwfE8PCskarFy07xrKg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEK4T3fPaQ309T5f9XBrtg3o&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 513
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJiW2SeJuNExUOFyeekRd64&google_cver=1&google_push=ASkJ3Fbio9je5FbzgB5gHACB7rduhHaF4Dv0TLr1WH8i6OcZB_wbXA7dhVSNV8xkTrAi4kHDF4ylR-8izOTjyZqIZiUnTxhnii1NF4_Td9pxyurXjlFBDYA_JZIdJpCiQxe8FMW0HVT70g9NDgF36icLNiU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjYxOTgyMjgxNzYzMTg1OTEwOQ%3D%3D&google_gid=CAESEJiW2SeJuNExUOFyeekRd64&google_cver=1&google_push=ASkJ3Fbio9je5FbzgB5gHACB7rduhHaF4Dv0TLr1WH8i6OcZB_wbXA7dhVSNV8xkTrAi4kHDF4ylR-8izOTjyZqIZiUnTxhnii1NF4_Td9pxyurXjlFBDYA_JZIdJpCiQxe8FMW0HVT70g9NDgF36icLNiU
Request Chain 515
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LAJTS2X6-O-7T07 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LAJTS2X6-O-7T07
Request Chain 516
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOYTXF36AJv_pvMOu2fmdOM&google_cver=1&google_push=ASkJ3FYbt1S8sfcyD6YNkUsCpcUDBHauGVebaHMwG7rj3prYi-EXwLwU16YqKisiP_u6M0TeOgRjybW1YusdkubqvbpG-XMFzOmkzCP1sF3uSyi62NMBtOjt_1LH90aNs1piUuf4ZP0-vT7Etp_h7RvVqNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYbt1S8sfcyD6YNkUsCpcUDBHauGVebaHMwG7rj3prYi-EXwLwU16YqKisiP_u6M0TeOgRjybW1YusdkubqvbpG-XMFzOmkzCP1sF3uSyi62NMBtOjt_1LH90aNs1piUuf4ZP0-vT7Etp_h7RvVqNw&google_hm=5GJ6CM65pnJEXa5kiw5qQA
Request Chain 517
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEEQyoKeKr5ldmDCznCiOXBg&google_cver=1&google_push=ASkJ3FYECpq3f2i4daxAXXfoMs0eDF-k1t5XlLWf1N1ccYoeeHe2rM62Dyk2l6bScWpAyy0MN8AwAPldMj0WLXie4k-aBsnGVOqk437WZzh1XwIVEP7waEkSu2g2y7wFybHRqtHWvUPjoLs4UR3QeMQGvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FYECpq3f2i4daxAXXfoMs0eDF-k1t5XlLWf1N1ccYoeeHe2rM62Dyk2l6bScWpAyy0MN8AwAPldMj0WLXie4k-aBsnGVOqk437WZzh1XwIVEP7waEkSu2g2y7wFybHRqtHWvUPjoLs4UR3QeMQGvA&google_hm=LvptnXENRxm_vp0fsxMLJcU
Request Chain 518
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOOYIX5mdZNZPMSbONiLpTs&google_cver=1&google_push=ASkJ3FYQcOsGkE5CNN4-bA2DjNve4tG8Q8XGM7DiKoGzWjDCwlBvgKQrbc0VKJqtPhRIPSiQg5t1DHa50N8DcFKfora7bLJvQWmVt6xtjqSzmRLfl-yLuxPU0f9tpibpS8Pe7GR1cv7b2tN7SPGqpVrHPw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYQcOsGkE5CNN4-bA2DjNve4tG8Q8XGM7DiKoGzWjDCwlBvgKQrbc0VKJqtPhRIPSiQg5t1DHa50N8DcFKfora7bLJvQWmVt6xtjqSzmRLfl-yLuxPU0f9tpibpS8Pe7GR1cv7b2tN7SPGqpVrHPw&google_hm=NTgyNDA1NDE3ODc2MDM3NjQzNg%3D%3D
Request Chain 519
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPZLkrtwYZJY8e3MmK7VZvE&google_cver=1&google_push=ASkJ3FbJVH0cIEfEGy0faiddR3JsQHeS72NcBZzfuEWgRCuuHstAckGP5-g23gWr8q0g1f-2yiFOr9DXdfxuG0JF6HcwG8XJudwVLV2ZHv5wM5SR3s5gjz4hh4fRPaUZNodnHiDsIs6LoStXxLCaBpnm2TI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbJVH0cIEfEGy0faiddR3JsQHeS72NcBZzfuEWgRCuuHstAckGP5-g23gWr8q0g1f-2yiFOr9DXdfxuG0JF6HcwG8XJudwVLV2ZHv5wM5SR3s5gjz4hh4fRPaUZNodnHiDsIs6LoStXxLCaBpnm2TI&google_hm=DuKnKFnxzrk8VQRH4O9BMA==
Request Chain 520
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEL3iywBimSG3dJp2ngpVNVY&google_cver=1&google_push=ASkJ3FaSJs54lhYlGIc_-NR03htMYwXUi-Q5Ei0Pld4yoyy4nPLpHHGD4rAprj3CsvvlOR38baLVASJWqME1QS8rjGdJ3couduF5Ge9k_6ZGRm0Ge5zO9qoxx2V3M6UrOgNMANToQ4DguiGJBvEEjLNXcec HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FaSJs54lhYlGIc_-NR03htMYwXUi-Q5Ei0Pld4yoyy4nPLpHHGD4rAprj3CsvvlOR38baLVASJWqME1QS8rjGdJ3couduF5Ge9k_6ZGRm0Ge5zO9qoxx2V3M6UrOgNMANToQ4DguiGJBvEEjLNXcec&google_hm=VnhJeU5sM3ZBT1hJampNX3FsVDU=
Request Chain 521
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP-go065e8e4whVGFxwpKhk&google_cver=1&google_push=ASkJ3FYtFO1mh1SzcfOI17w4RR8R_zuqlDnjfq_Ib95hNMA85vY2F9uLyVzgxRonfQl8KYHLlTMou5Uuz6PG8SxQqkbs45vz8pDiKgBilau3IXxI8-XdEjcltIAepMM3zfzxRoPjoTiqEJzTETMX46XXmA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=udonioqES_OYipeLhJfjJQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYtFO1mh1SzcfOI17w4RR8R_zuqlDnjfq_Ib95hNMA85vY2F9uLyVzgxRonfQl8KYHLlTMou5Uuz6PG8SxQqkbs45vz8pDiKgBilau3IXxI8-XdEjcltIAepMM3zfzxRoPjoTiqEJzTETMX46XXmA
Request Chain 522
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEP2CI5erNsghygCFIOgHDXA&google_cver=1&google_push=ASkJ3Fb0_7Cjgipt_8VsqGHqP1rdfxRvzaHay1WTdTVrCATtDjvfbl6BGKaY19KpLpz5DcsAfdCKYkv1Er64wVC4ZlkTcKrgpgmnCE9hjgliX07uOMv0rHs1MvgkPn8cFz0trmQPh3Alr4YCuT6TLfOA1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3Fb0_7Cjgipt_8VsqGHqP1rdfxRvzaHay1WTdTVrCATtDjvfbl6BGKaY19KpLpz5DcsAfdCKYkv1Er64wVC4ZlkTcKrgpgmnCE9hjgliX07uOMv0rHs1MvgkPn8cFz0trmQPh3Alr4YCuT6TLfOA1A&google_hm=Z2UyZmQ3ODYxNDhiMTQzOTNhMWI=
Request Chain 524
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LAJTS2X6-O-7T07 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LAJTS2X6-O-7T07
Request Chain 526
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3De9d1b7ccc2fd8d4d%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e9d1b7ccc2fd8d4d&uid=e86aa2db-49e8-447e-b1ad-88e5b2adb907
Request Chain 528
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3De9d1b7ccc2fd8d4d%26uid%3D%24UID HTTP 302
  • https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=e9d1b7ccc2fd8d4d&uid=2619822817631859109
Request Chain 556
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E547AB7B174C4CEEB075D3465A32E5D7&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=B9DA278A-8A84-4BF3-988A-978B8497E325
Request Chain 558
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B9DA278A-8A84-4BF3-988A-978B8497E325&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B9DA278A-8A84-4BF3-988A-978B8497E325&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 559
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=&ct=y
Request Chain 560
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B9DA278A-8A84-4BF3-988A-978B8497E325 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=672e7c2f-6f33-41e2-a9f7-921b60972fc6%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=11fe43f3-fdaf-4e93-a99a-20f132d88aae&ttd_puid=672e7c2f-6f33-41e2-a9f7-921b60972fc6%2C
Request Chain 567
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFtou_i2eTBgApv7waFyiPE&google_cver=1&google_push=ASkJ3FaXUlY714mLP0kym_QQjRyOyveR40k3GcAuToB7opRGL9GQrI2PtiX0XGXceIWpH1B3FyVwRUKvtDW7DNa3UIikUNSjTaM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTFmZTQzZjMtZmRhZi00ZTkzLWE5OWEtMjBmMTMyZDg4YWFl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
Request Chain 568
  • https://a.c.appier.net/gcm?google_gid=CAESEJR2dA5uZbkxgdoHtrQYFfA&google_cver=1&google_push=ASkJ3FYlsTU7G0lkKnF-uQXx1B2O42JC5sFveelNLonCMgRBDTkZQzPpwdy3g9J6fRDZeB3OF90Df3lzYs1Xn1AKInjbd-eUquTj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cWdrTjNaMTNDcjJBLXNyc0JBaDFZdw%3D%3D&google_push=ASkJ3FYlsTU7G0lkKnF-uQXx1B2O42JC5sFveelNLonCMgRBDTkZQzPpwdy3g9J6fRDZeB3OF90Df3lzYs1Xn1AKInjbd-eUquTj
Request Chain 569
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPZLkrtwYZJY8e3MmK7VZvE&google_cver=1&google_push=ASkJ3FZpnENpGa5HsCv4i6axcr9Ur-v-tltDtPxX_4CAa2xOUT5JRs5EIhEyQgiuqeicg_jj4_btw2s8lUQzco4FC9leNfBGteOc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZpnENpGa5HsCv4i6axcr9Ur-v-tltDtPxX_4CAa2xOUT5JRs5EIhEyQgiuqeicg_jj4_btw2s8lUQzco4FC9leNfBGteOc&google_hm=DuKnKFnxzrk8VQRH4O9BMA==
Request Chain 570
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEN_IqjfskY-KO4DqBUMtxy0&google_cver=1&google_push=ASkJ3FZEACLQrcxXe2UIEXU7l0IMUcGFMMg7sKnP480wuYPDd1UZUwUkGPXehfiJ2cJDVhU1ZSIwsfyt9Ue7m5m15EFF6Yiwq26w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTgzNDkzMTk0MzgyNDMzNjQxMTU&google_push=ASkJ3FZEACLQrcxXe2UIEXU7l0IMUcGFMMg7sKnP480wuYPDd1UZUwUkGPXehfiJ2cJDVhU1ZSIwsfyt9Ue7m5m15EFF6Yiwq26w
Request Chain 571
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESELwwdzH1sra3Q4UowpbuJnU&google_cver=1&google_push=ASkJ3FbPDayDZ31_um8YSp1Pvof3nZVfEmuVPlFgYXWDiyyiIOaGCFM2G24FIrKgJTjE7m-Gj6hvBVqnoP94P8_aXWww05l3xc0Z HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FbPDayDZ31_um8YSp1Pvof3nZVfEmuVPlFgYXWDiyyiIOaGCFM2G24FIrKgJTjE7m-Gj6hvBVqnoP94P8_aXWww05l3xc0Z&google_hm=AecTCrgKb0nHugQL8w6d0XI
Request Chain 572
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKaLAWuFzucV-jMxCScGRss&google_cver=1&google_push=ASkJ3FZYKx9FVWb6MmRAKytMfArsEMGY9buxHzh6AHHKg7pMyFp5TC2hYy4zlmoJx3g5_q_JyT4L2QveUQhsqUO3Naji5w5AETa3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgyNDU1NTg2NTYwMTg0ODI1ODIwMQ%3D%3D&google_push=ASkJ3FZYKx9FVWb6MmRAKytMfArsEMGY9buxHzh6AHHKg7pMyFp5TC2hYy4zlmoJx3g5_q_JyT4L2QveUQhsqUO3Naji5w5AETa3
Request Chain 573
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEchoPkE_N6QL8cwhackGEA&google_cver=1&google_push=ASkJ3FZ8OiEVifiVCBjBIl8biwqYIiOW6RomgAK0Bdz8bUp14TtOgTE50poQlNE89Wy-lYt7D-ZVViiBtevlz6DgK1t2Lwdu7mkFIg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BVHV6bkdoRTJ1SFY0T09wQTFaeUl3QjdNRFV5Qm5sMX5B&google_push=ASkJ3FZ8OiEVifiVCBjBIl8biwqYIiOW6RomgAK0Bdz8bUp14TtOgTE50poQlNE89Wy-lYt7D-ZVViiBtevlz6DgK1t2Lwdu7mkFIg
Request Chain 594
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=d02jPelTCeJSSO9r28eX0mUSw&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=d02jPelTCeJSSO9r28eX0mUSw&gdpr=0&gdpr_consent=
Request Chain 595
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d02jPelTCeJSSO9r28eX0mUSw&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d02jPelTCeJSSO9r28eX0mUSw&gdpr=0&gdpr_consent=&google_gid=CAESEJlFliqOWn8ISt9KMss4qkM&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 596
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8442255637575501824 HTTP 302
  • https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091 HTTP 302
  • https://a.audrte.com/match?uid=0cd6dd90-289f-4e28-8225-ce4c1ecf1e22&p=560038091

596 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
www.bg3.co/a/ 		52 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4e4d7c43af356b9ba3a6a83a3e0b1842cb0d742a976c4fc46061b923c9774063

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Nov 2022 15:55:37 GMT
ETag
"cf12-l0maGgJ/OQ4uIMPs74VUzYs+3qM"
Expires
Wed, 16 Nov 2022 16:55:37 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 16 Nov 2022 15:55:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72561
x-xss-protection
0
server
sffe
etag
"8982a451fc00c1b3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Nov 2022 15:55:38 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 16 Nov 2022 15:55:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9664
x-xss-protection
0
server
sffe
etag
"6079829c87823654"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Nov 2022 15:55:38 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 16 Nov 2022 15:55:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7578
x-xss-protection
0
server
sffe
etag
"1ef491f2ce412f6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Nov 2022 15:55:38 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 16 Nov 2022 15:55:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31953
x-xss-protection
0
server
sffe
etag
"eddf6e9f984d26cc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Nov 2022 15:55:40 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-hk/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:39 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Nov 2022 08:36:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6374a0f6-ae16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPr2EAKEZepVeOquRlheZ0Pz22dmrBdY8EuvWmuc0daNrh1YVCl%2FSUGe7%2Bfa6WkiJgBR28efAGSLGtGqIr55L71%2BFc4oTgBc7tl8Dy9ln5SFmQaVyFFKCCwT4kIdnQyURQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76b16983e935a81d-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44566

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 15:55:39 GMT
content-encoding
br
last-modified
Wed, 16 Nov 2022 07:00:37 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=108
x-cf-geodata
NZ
content-length
9035
expires
Wed, 16 Nov 2022 16:55:39 GMT
adpushup.js
cdn.adpushup.com/42753/ 		867 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 15:55:39 GMT
content-encoding
br
last-modified
Thu, 03 Nov 2022 17:05:29 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=4
x-cf-geodata
NZ
content-length
194623
expires
Wed, 16 Nov 2022 16:55:39 GMT
0f6b0cefd67b99648cb2fb5e0b9fe476.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0f6b0cefd67b99648cb2fb5e0b9fe476.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
568f6fead4a24e80aad1469800d338b0.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/568f6fead4a24e80aad1469800d338b0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8020d208ff4fa0f711d62222402ae6d9.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8020d208ff4fa0f711d62222402ae6d9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
86eb2b9ea615508cb1902a091e573f4f.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/86eb2b9ea615508cb1902a091e573f4f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
12c303634911794c0d34619f4ceae117.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/12c303634911794c0d34619f4ceae117.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
889c303b7cac01cdd3166e8666685a04.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/889c303b7cac01cdd3166e8666685a04.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dbeae2cc8ff77a4df58693e499dd6be7.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/dbeae2cc8ff77a4df58693e499dd6be7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
fdcb6de7abb68d73e5ef7ef166901526.jpg
static.bg3.co/imgs/202203/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/fdcb6de7abb68d73e5ef7ef166901526.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
10cb73f437d105af34fd5211a49be6c1.jpg
static.bg3.co/imgs/202109/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/10cb73f437d105af34fd5211a49be6c1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4c2dc9b74a6bf183a8ee724dcd1c933d.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4c2dc9b74a6bf183a8ee724dcd1c933d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
663c9b2170f04869eecc64d5ac21cd51.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/663c9b2170f04869eecc64d5ac21cd51.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
938ca530357663fd5f753c634291cf40.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/938ca530357663fd5f753c634291cf40.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
5085a289c5087b4a93838e6a68eb3674.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5085a289c5087b4a93838e6a68eb3674.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b0f89624de2bfaa72aea9c034e64dde3.jpg
static.bg3.co/imgs/202201/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/b0f89624de2bfaa72aea9c034e64dde3.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
39fe0591dea0f33e8d67c6ad9cf97f00.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/39fe0591dea0f33e8d67c6ad9cf97f00.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8b24d24bb9f71c84c9042ed7f86650d2.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8b24d24bb9f71c84c9042ed7f86650d2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f2049ca218c884f97a361b573e4d948e.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f2049ca218c884f97a361b573e4d948e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
2ae423166fc2f34f8bc33e35f00787bb.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/2ae423166fc2f34f8bc33e35f00787bb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6c952786f70f004dff820f6f33a45a19.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/6c952786f70f004dff820f6f33a45a19.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
71635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2991
x-xss-protection
0
server
sffe
etag
"413d5b5eb26df1c9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
71635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23066
x-xss-protection
0
server
sffe
etag
"1b79e24071ca714c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		5 KB
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
839ae361d476afc38b42db367a9d014371e2eb9bd444cb089608b0de69cf1dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
529
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
71635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3936
x-xss-protection
0
server
sffe
etag
"2e876f41249f1a45"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:42 GMT
content-encoding
gzip
x-sp-metadata
HS256.CI6s1JsGEogBCiQ5Yjg4ZmQ5My1mMzAxLTQ4YTAtYjdhNy02YTk1MTY4NDEyZmQQ6JCNkN3O+gIaBgj+j9SbBiINMTE2LjkwLjc0LjE5Nyi2xAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDgzNmEzZjYzLTkxZjMtNGFhZC04ZGQ0LTExN2JmOTIwYWFkZRi46QE=.r7TdUox40N1GBBYSkX4zvXF6a16Bl2sBldBuUgR05gw=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1668614142.dop035.la3.t,1668614142.cds226.la3.hn,1668614142.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2811
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04xlzF5CHllnT4Y5%2F268IWdQijp%2FCqacCRPbQT2AiofVaO4ku4BwIo4b77n%2Bs2LzZTFzp9huxh8GIVDPKieyned8xv1cWI%2B07DZEhkhQ5iSVHoUwAKMhwmPTIhewakq4kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
76b169865a98a81d-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
4613bb4f7d48662c9e73eab55b9472acf5297f231427a56b2e7d5f05c9ee7d2e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:40 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
4613bb4f7d48662c9e73eab55b9472acf5297f231427a56b2e7d5f05c9ee7d2e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:40 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		412 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6612664108269044&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:40 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
412
ad_request
ads.aralego.com/ 		412 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.8442280778149889&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:40 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
412
init.js
cdn.holmesmind.com/js/ Frame A2F2 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Wed, 16 Nov 2022 15:55:23 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
20
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
BJE0Zq8fNEuGK3ZwDvPn-vSV7loOoz8T0Eu4HGFNliC4OJn7U4E-7w==
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:42 GMT
content-encoding
gzip
x-sp-metadata
HS256.CI6s1JsGEogBCiQwMmQ2ODNmMC0xOTIyLTQ1NTItODUzYS02Nzg0NmEzMzNlOGYQ6JCNkN3O+gIaBgj+j9SbBiINMTE2LjkwLjc0LjE5Nyi2xAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDRlNTE1Zjc3LTE5ZmEtNGM1NC05NTk1LTA5ZGQyYjBlZmVmORib8QE=.c8tbFNYyzmHpUuD99rxOQaO240lk9fLir4t+0qDf+Hk=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1668614142.dop035.la3.t,1668614142.cds226.la3.hn,1668614142.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
71635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10255
x-xss-protection
0
server
sffe
etag
"4d52d329cbd34968"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
gtag.json
cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:02:05 GMT
age
71616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"f8777e0f4a2af1a5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:02:05 GMT
init.js
cdn.holmesmind.com/js/ Frame F80A 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Wed, 16 Nov 2022 15:55:23 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
20
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
0bNQ7ZWVv_45KtibPrv6eHyo-8bcQzBLj4nz8otoyPqv1pBk0EoaZQ==
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 019D 		714 B
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
143
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76b1698d1ae6559f-SYD
content-encoding
br
content-type
text/html
date
Wed, 16 Nov 2022 15:55:40 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IsH7UoEtgUNR4MOUMQsl88lqTwmOtKCqbk%2B4%2F3vOMWoMGnHE%2FBvLtPv%2BJ6P4A0lv70QyTq6wZIFHGXhXzNfnD194oKRbSDegY1CcYK2McwE6SyNNObgvl9F12ZoFSGHsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:42 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 47A3 		714 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
144
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76b1698d7b1c559f-SYD
content-encoding
br
content-type
text/html
date
Wed, 16 Nov 2022 15:55:41 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WagJJg4buO%2BJhhcCA4zcpX9OjDmogEJ%2BIN3ppCEHzZCs7hV7yFHfseo8%2FYs6U6JFQJEHB60j7LoZ2Z95jn8ofQB9DmVSDrs14%2BnXBbb%2BIwGYHAZ45mHvimMvjFh8JCHsXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 019D 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c72ccbea57494b8d7e7bb4f11fc17e3ca16bcc3a739413b29dde29e31d9ab2ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27224
x-xss-protection
0
server
sffe
etag
"1393 / 878 of 1000 / last-modified: 1668600453"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Nov 2022 15:55:43 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 47A3 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c72ccbea57494b8d7e7bb4f11fc17e3ca16bcc3a739413b29dde29e31d9ab2ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27224
x-xss-protection
0
server
sffe
etag
"1393 / 585 of 1000 / last-modified: 1668600453"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Nov 2022 15:55:43 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 16 Nov 2022 15:55:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:10:34 GMT
age
71108
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57837
x-xss-protection
0
server
sffe
etag
"23f3142da2c5be06"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:10:34 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%94%A1%E5%AE%9B%E7%8F%8A%E8%AA%8D%E6%84%9B%E3%80%8C%E8%87%BA%E7%81%A3%E5%A5%B3%E8%97%9D%E4%BA%BA%E8%80%81%E5%85%AC%E3%80%8D%EF%BC%81%E3%80%80%E5%A4%B1%E5%A9%9A1%E5%B9%B4%E6%B7%AA%E5%B0%8F%E4%B8%89%E2%80%A6%E6%AD%A3%E5%AE%AE%E6%9E%97%E5%AE%B6%E7%92%9CFB%E7%8B%A0%E6%89%93%E8%87%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-jsBsJgrUGeAZwKr_cIZSWw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.032569686307867274&gjid=0.5927828447537746&_r=1&a=3870&z=0.7835950064745718&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 2B9B 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
8
content-length
4730
content-type
text/html
date
Wed, 16 Nov 2022 15:55:34 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
x-amz-cf-id
BPXqxYpQlwN7IdN_6mwnEW_IwTNMfQg7MVPvsBU7zwR6O0VLKxxX5A==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame A2F2 		662 B
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:28 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
15
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
Q1NzhTpjxtMQ09Ddp8D8v8jurrzgV6V0Kk2n4tQDPat7y185yC_Glg==
presetfn.js
cdn.holmesmind.com/js/ Frame E2CC 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbbabf3ef675209739bd2785e7899e6b0b38b55f64e3ae493c92bc736f4006fa

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GlcrFCdqriF9DWier1kzUa9X0iiYaAma
date
Wed, 16 Nov 2022 15:54:51 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Wed, 16 Nov 2022 08:17:24 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
52
etag
"302ae1e20fc6cee5c30acb31a909f501"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9631
x-amz-cf-id
kko5U6OBwH9uJnqDgfET3DeI-t7ox7VANDrDvQMCfxzJ4Eb4TqSH5g==
capmapping.htm
cdn.holmesmind.com/js/ Frame C81D 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
8
content-length
4730
content-type
text/html
date
Wed, 16 Nov 2022 15:55:34 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
x-amz-cf-id
JRpdLA_QwyhQr793eSdZe4YU0a_Erp28bBpTr1Y6UNdNN5k_k4EV7g==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame F80A 		662 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:28 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
15
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
dPRiKPBejfs2dp5i7GvUg7IIB1GSX1nBEcqDFbFqS72xSoyw-UCbMA==
presetfn.js
cdn.holmesmind.com/js/ Frame 5DF5 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbbabf3ef675209739bd2785e7899e6b0b38b55f64e3ae493c92bc736f4006fa

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GlcrFCdqriF9DWier1kzUa9X0iiYaAma
date
Wed, 16 Nov 2022 15:54:51 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Wed, 16 Nov 2022 08:17:24 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
52
etag
"302ae1e20fc6cee5c30acb31a909f501"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9631
x-amz-cf-id
Piixmr1JgKgKD8-IJel7H-_eFg3AaM_As2hPdvzQNKioptrvvO2_Lw==
cm.php
fcm.holmesmind.com/ Frame 82B8 		332 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 15:55:51 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame 2B9B 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:43 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 16 Nov 2022 16:05:43 GMT
cm
c.holmesmind.com/ Frame 2B9B
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:44 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 16 Nov 2022 15:55:43 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame E2CC 		1 KB
755 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14006
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-27.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:49:44 GMT
content-encoding
gzip
via
1.1 4051cd1127320e383387d289cc46a5fc.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
358
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
lOQPkQGdn77gqik03F7b-pX1__8YmDdwAg0LJi_g8cnrQ0v831UTeg==
cm
c.holmesmind.com/ Frame C81D
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:44 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 16 Nov 2022 15:55:43 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame C831 		332 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 15:55:51 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame C81D 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:43 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 16 Nov 2022 16:05:43 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 5DF5 		1 KB
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14006
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-27.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:49:44 GMT
content-encoding
gzip
via
1.1 4051cd1127320e383387d289cc46a5fc.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
358
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
wR5tHrpRoo5txDRIH3IZ0cOLb3NnmKSOciaVrCcjUKaeFsPduNQ7lQ==
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-10192113413369493558.ampproject.net/2211042305000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-10192113413369493558.ampproject.net/2211042305000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1668614142592
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 15:55:43 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
accept-ranges
bytes
content-length
631
expires
Wed, 16 Nov 2022 16:55:43 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 15:55:44 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
94168
expires
Thu, 16 Nov 2023 15:55:44 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 15:55:44 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
211
expires
Thu, 16 Nov 2023 15:55:44 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 15:55:44 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6
content-length
17440
expires
Wed, 16 Nov 2022 16:55:44 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c72ccbea57494b8d7e7bb4f11fc17e3ca16bcc3a739413b29dde29e31d9ab2ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27224
x-xss-protection
0
server
sffe
etag
"1393 / 689 of 1000 / last-modified: 1668600453"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Nov 2022 15:55:43 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:43 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2Njg2MTQxNDI5MjAsInBhY2tldElkIjoiMDAwMEE3MDEtODZlNjMyMDctNDhlNi00ZWQ5LTkyMTQtMjU1YzViNGQzZTRjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NhaS13YW4tc2hhbi1yZW4tYWktdGFpLXdhbi1udS15aS1yZW4tbGFvLWdvbmctc2hpLWh1bi0xbmlhbi1sdW4teGlhby1zYW4temhlbmctZ29uZy1saW4tamlhLWh1YW5nLWZiaGVuLWRhLWxpYW4uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=6615.200000762939
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:43 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2Njg2MTQxNDI5MjAsInBhY2tldElkIjoiMDAwMEE3MDEtODZlNjMyMDctNDhlNi00ZWQ5LTkyMTQtMjU1YzViNGQzZTRjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NhaS13YW4tc2hhbi1yZW4tYWktdGFpLXdhbi1udS15aS1yZW4tbGFvLWdvbmctc2hpLWh1bi0xbmlhbi1sdW4teGlhby1zYW4temhlbmctZ29uZy1saW4tamlhLWh1YW5nLWZiaGVuLWRhLWxpYW4uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=6615.700000762939
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:43 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njg2MTQxNDI5MjAsInBhY2tldElkIjoiMDAwMEE3MDEtODZlNjMyMDctNDhlNi00ZWQ5LTkyMTQtMjU1YzViNGQzZTRjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NhaS13YW4tc2hhbi1yZW4tYWktdGFpLXdhbi1udS15aS1yZW4tbGFvLWdvbmctc2hpLWh1bi0xbmlhbi1sdW4teGlhby1zYW4temhlbmctZ29uZy1saW4tamlhLWh1YW5nLWZiaGVuLWRhLWxpYW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19&c_b=6616.200000762939
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:43 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:44 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
444
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Wed, 16 Nov 2022 19:55:44 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njg2MTQxNDI5MjYsInBhY2tldElkIjoiMDAwMEE3MDEtODZlNjMyMDctNDhlNi00ZWQ5LTkyMTQtMjU1YzViNGQzZTRjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NhaS13YW4tc2hhbi1yZW4tYWktdGFpLXdhbi1udS15aS1yZW4tbGFvLWdvbmctc2hpLWh1bi0xbmlhbi1sdW4teGlhby1zYW4temhlbmctZ29uZy1saW4tamlhLWh1YW5nLWZiaGVuLWRhLWxpYW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=6621.10000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:44 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njg2MTQxNDI5MjksInBhY2tldElkIjoiMDAwMEE3MDEtODZlNjMyMDctNDhlNi00ZWQ5LTkyMTQtMjU1YzViNGQzZTRjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NhaS13YW4tc2hhbi1yZW4tYWktdGFpLXdhbi1udS15aS1yZW4tbGFvLWdvbmctc2hpLWh1bi0xbmlhbi1sdW4teGlhby1zYW4temhlbmctZ29uZy1saW4tamlhLWh1YW5nLWZiaGVuLWRhLWxpYW4uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=6623.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:44 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads.js
ad.holmesmind.com/adserver/ Frame E2CC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&n=642&o=1&d=1&b=2&ts=1&ii=2&FPCK=570-X3KhG7eyOpmy2LDd8OdcXVSXzMNpO4zD&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.87.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-87-8.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a2e9e49c4274c951632bc67b534ddf2f482b7caf58fa0891fa9b28ea6eb3c409

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame E2CC 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:44 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
5
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
7ngqbbqN5xZmvR_cE9SDti97xj-sliV7Pi7_bjrSt2k72Slzdd9teA==
publishertag.js
static.criteo.net/js/ld/ Frame E2CC 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:55:45 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame E2CC 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:29 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
16
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
-CdoF9uI_TCBA1S85U3GPYJAkgB8zDoN1QLkX2lWEMwMmvPxnWhc5w==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame E2CC 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:18 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
35
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
k4tWPUYsM4ztmDwOzv1-fC5JQoFaEg66l4XsPirWoLm7YbpXc2-HZA==
appierV2.js
cdn.holmesmind.com/js/ Frame E2CC 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:29 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
18
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
x2X_NKeFJLi3jg_ktHfg1YPBVwZ-4xGL-hY9_dQ37KgFrC-jlrkuZg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame E2CC 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Wed, 16 Nov 2022 15:55:18 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
39
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
KftcLfpIOGcUhFo62UWRgb_S3UgK3ZHk-2g97PPIf1LExPRuv29WTw==
ads.js
ad.holmesmind.com/adserver/ Frame 5DF5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&n=860&o=1&d=1&b=2&ts=1&ii=2&FPCK=570-X3KhG7eyOpmy2LDd8OdcXVSXzMNpO4zD&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.87.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-87-8.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5b67d33d90734fdc30d0a920c4de85ae0dfa1e3192e49c81b675dface0c11373

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 16 Nov 2022 15:55:46 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 5DF5 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:44 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
7
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
FdY5RiHF9AY3ch-kpJgyBP5r0IEVK_zilv04d0Uki2GnspBKO6RUSA==
publishertag.js
static.criteo.net/js/ld/ Frame 5DF5 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:55:46 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 5DF5 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:29 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
18
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
nN24Q0VsN7S15Nm8A4ydcyKJ4niJkMu2Wt96Nba0lJNFFp-hUbtlAw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 5DF5 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:18 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
37
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
Oq80NNF4aWUS-TsssxH10IsBRUvOvSjjcQfl0ufW1Eq5FlWBrnXPLg==
appierV2.js
cdn.holmesmind.com/js/ Frame 5DF5 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:29 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
18
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
SjpYYW2zYrhLPp3k-hHkzuwYIaM3XwZAWiHcWntABOEgs5DK5IReEg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 5DF5 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Wed, 16 Nov 2022 15:55:18 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
39
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
mWL0aehKkvcaKrxEXTxMcBaBrzuYU8SpRfQn5BXAuL84HQTJEl9GHQ==
/
t.ssp.hinet.net/ Frame C81D 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
0f57ea9f5f29b9656718ef9be86c181337417ba1344d50c7528549d9612cb4b0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:43 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 2B9B 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
0829f0bec070bc3be18699b31af784f50c9a1ba519fbcceea2a943f22445f3e9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:43 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
utag.js
t.ssp.hinet.net/ Frame E2CC 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:49 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 16 Nov 2022 16:05:49 GMT
utag.js
t.ssp.hinet.net/ Frame 5DF5 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:49 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 16 Nov 2022 16:05:49 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E43D 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-322659510411454245&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3222&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=3870&ga_cid=amp-jsBsJgrUGeAZwKr_cIZSWw&ga_hid=3870&dt=1668614142706&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&bdt=4728&dtd=685&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:44 GMT
expires
Wed, 16 Nov 2022 15:55:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022111001.js
securepubads.g.doubleclick.net/gpt/ Frame 47A3 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132474
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 09:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 00:12:41 GMT
pubads_impl_2022111001.js
securepubads.g.doubleclick.net/gpt/ Frame 019D 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132474
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 09:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 00:12:41 GMT
pubads_impl_2022111001.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132474
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 09:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 00:12:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Wed, 16 Nov 2022 15:55:44 GMT
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d3eb4ba7978b0c89ef74df200f23f3fd1f4eddc5889a9976cdb9aebef14ec67e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:49 GMT
content-encoding
gzip
etag
"dGMVEkJqMDGUKmTNQCF+Mg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 23 Nov 2022 15:55:49 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 47A3 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 47A3 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 47A3 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2800462935582595&correlator=854985645151199&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668614144510&lmt=1644386353&dlt=1668614141110&idt=3379&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=p3vxgkgtrhs1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1520025891.1668614145&ga_sid=1668614145&ga_hid=25136686&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e6f6ef1fdde23e9e426b78ca97dd6a096df4ac2a95f0aeeab31945344b134d7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6a7a8693510e64688d1984e88de707c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC8D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6a7a8693510e64688d1984e88de707c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:45 GMT
expires
Thu, 16 Nov 2023 15:55:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 019D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 019D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 019D 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=728050127139291&correlator=298537802724529&eid=31061165%2C31065825&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668614144670&lmt=1644386353&dlt=1668614141049&idt=3612&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=tmbnqfdslknx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1845143862.1668614145&ga_sid=1668614145&ga_hid=1045768740&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
cb5efa4b0884641a0d91aa466b7f20cac5d1a7766bede4d8eba6a3bd69ea5fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b4b0f54f3550d95550aa07e3c00ab93e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AAE5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b4b0f54f3550d95550aa07e3c00ab93e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:45 GMT
expires
Thu, 16 Nov 2023 15:55:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame E2CC 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 16 Nov 2022 15:55:45 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221116
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc6a23cb6ada4636d9f0bce6e99a841e38e6608c3f9c9600e873156950c93f4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Nov 2022 15:55:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3238
x-jsd-version
1.0.1526
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4563-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"664-pDSPYnvpSGfMuNpyXhU3jhqf2nY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQvK1CiQD0dfhFu0Gb2YowirOK1akfoXgOcanyNJfe4T%2BuXPOKdQMmtsh%2FUbehC31HRRxUokp%2B1JrnMZ4bwE8bcpSdmVo2%2FnXTZYNLtPAYAz7Uu3IxFSql4f6OunfGj7GE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76b169a7dfa5a93e-SYD
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.40.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-40-184.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
5f3732c568ff129dfa2aa4349d5339128c0af4935fa125ca1482bf52c0dbe3ba

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.40.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-40-184.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
1e4d882ca81a2ce1630e24189b783018b9b8ba14153f87a92862010cf662a618

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.40.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-40-184.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7fdaa8146df6c4763e0d72e2983c245e49cc6e7ddbfd02b12c70cd0d88018013

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=0218124d-59f0-4860-80f7-801857d14877%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=25ab9c82-8f64-458d-8506-41e75458311c%3B97d098b5-dcfe-487a-bea5-41934eb9a3dc%3Be6033e5f-599a-4adc-8457-048fd57b47de&l_pb_bid_id=2d993416487773%3B388165470e7b08%3B49c75a99be128d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.9181257838603376
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2a718206c0a1374a552cfc99914e66bd6db9620789c5fda397f269f22129ea1b

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=19015892025
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Nov 2022 15:55:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
adreq
ads.servenobid.com/ 		717 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5112
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Nov 2022 15:55:46 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
arj
adpushup-d.openx.net/w/1.0/ 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=acc84757-2fc4-4eaa-bdb8-27d6160ac81a%2C14ce4563-fffa-49e5-9775-64a19858c9c7%2Cd8eb16e3-88af-4905-bcee-ced4b728585f&nocache=1668614144917&pubcid=0218124d-59f0-4860-80f7-801857d14877&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c1e1b8b2727caf44d68d149dad5705d591bb20c1367dacca2b72dcf39b261a29

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4595
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cf5a2dbd-a654-4c81-8975-c9bfa87789ee&nocache=1668614144918&pubcid=0218124d-59f0-4860-80f7-801857d14877&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=39f2aa82-9f46-413f-b45b-a8757e33a402&nocache=1668614144918&pubcid=0218124d-59f0-4860-80f7-801857d14877&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e8009910-ee64-4f8a-90a2-8bcde58f7d63&nocache=1668614144918&pubcid=0218124d-59f0-4860-80f7-801857d14877&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.78.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-78-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Nov 2022 15:55:45 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
13
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9927102df2201fc874f17c1f14acf83e1a1c0a30ead07171d243de89a769f908
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:45 GMT
AN-X-Request-Uuid
8b7e32ec-e714-47ed-9e14-2b0841a49a3b
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
379
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2230af300b4e87e2a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223752544df3dbff9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2240df2d661769aef%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%224109f4c7eb0bf5f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220218124d-59f0-4860-80f7-801857d14877%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac707c6fab6f4e57042633c9cce6c4043de3d126bce05ca50ba91573f4546dcc

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxWR7nHATOFk5bzUerRxry%2B9BQuWmVUZDhfk4VWII%2Ff6DlXKMO7sQluFI3Qen%2FVNaRUTc7q2kx4Ate7syqSJRHgvD6CFWBtyNrtNsXFSpPfK8D%2B0%2BywZe0e%2FeNipJlvbrHqEmX%2Bg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76b169a7add71c5a-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2230af300b4e87e2a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2240df2d661769aef%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%224109f4c7eb0bf5f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220218124d-59f0-4860-80f7-801857d14877%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9256dfa37b5408e5afb69de454f5565bfc956454e527642a0031b0d3bb665e7d

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOCjfJXDbZ%2FDgxH6qTQ2IJFD%2Fsy90AzWTs%2FrGAjUT4gHSUf5t6t099GMjzmT8WJzScNMKfhseEUBIBkn2hTcLzxHXarVVabBlsl%2BKXwF7RX%2FXJaMvSKpwlpLH%2BYk16e6TYLUqXs%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76b169a7add81c5a-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Wed, 16 Nov 2022 15:55:45 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
bid-request
a.teads.tv/hb/ 		16 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 16 Nov 2022 15:55:45 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
49750f175b3c7cf88b048b32de78eb481a0c89323d2f106ff5074f5078ad4659

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Nov 2022 15:55:45 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a44ed70b0044bcfb598bb712e06e03e225d04cabe7751235612bf44243474d8

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
102
alt-svc
clear
expires
Wed, 16 Nov 2022 15:55:45 GMT
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.22.207 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-22-207.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:45 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid.aspx
prebid.scupio.com/recweb/ Frame E2CC 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8402967367639675
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Nov 2022 15:55:45 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame E2CC 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.31093353464772644
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Nov 2022 15:55:45 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame E2CC 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&n=642&o=1&d=1&b=2&ts=1&ii=2&FPCK=570-X3KhG7eyOpmy2LDd8OdcXVSXzMNpO4zD&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:00 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
50
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
aceChlPtjL7RWyKirNOnQQd-o3I5UtTH6J7j2qbelZaYYSMy9TUrqw==
sodar
pagead2.googlesyndication.com/getconfig/ Frame 47A3 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
d431fba1bbba599775a1137cc450ad5d4e128326c6b67e94b46ac1453a746773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12421
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 019D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
fd54712cf519615729e309e07e8a0456742d9076c2120d79e44595947930f62c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12464
x-xss-protection
0
cdb
bidder.criteo.com/ Frame E2CC 		177 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=87725215096
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
8784c9c9b992cce5fdabc30c9661fc996867ec8c30d6e1d4a7f5c10f0f4c8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
cdb
bidder.criteo.com/ Frame E2CC 		177 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=69457778402
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
7b0c45fbd6eb19f2f12aec8168b7d2b852824bc0b9fa9f875d021ddf65c59d4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Nov 2022 15:55:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
160
events
bidder.criteo.com/csm/ Frame E2CC 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame E2CC 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI0NTk4ODFfMTY2ODYxNDE0NTk0MCIsInVzZXJJZCI6IjY0ODk0NF8xNjY4NjE0MTQ1OTQxIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNTA3OTA2XzE2Njg2MTQxNDU5NDEiLCJwYWdlUGF0aCI6IiUyRmElMkZjYWktd2FuLXNoYW4tcmVuLWFpLXRhaS13YW4tbnUteWktcmVuLWxhby1nb25nLXNoaS1odW4tMW5pYW4tbHVuLXhpYW8tc2FuLXpoZW5nLWdvbmctbGluLWppYS1odWFuZy1mYmhlbi1kYS1saWFuLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGY2FpLXdhbi1zaGFuLXJlbi1haS10YWktd2FuLW51LXlpLXJlbi1sYW8tZ29uZy1zaGktaHVuLTFuaWFuLWx1bi14aWFvLXNhbi16aGVuZy1nb25nLWxpbi1qaWEtaHVhbmctZmJoZW4tZGEtbGlhbi5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6Im5vUHJldmlld1BhZ2UiLCJleHBlcmltZW50UGFnZSI6ZmFsc2UsInRpbWVzdGFtcCI6MTY2ODYxNDE0NTk0MX0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvY2FpLXdhbi1zaGFuLXJlbi1haS10YWktd2FuLW51LXlpLXJlbi1sYW8tZ29uZy1zaGktaHVuLTFuaWFuLWx1bi14aWFvLXNhbi16aGVuZy1nb25nLWxpbi1qaWEtaHVhbmctZmJoZW4tZGEtbGlhbi5odG1s.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvY2FpLXdhbi1zaGFuLXJlbi1haS10YWktd2FuLW51LXlpLXJlbi1sYW8tZ29uZy1zaGktaHVuLTFuaWFuLWx1bi14aWFvLXNhbi16aGVuZy1nb25nLWxpbi1qaWEtaHVhbmctZmJoZW4tZGEtbGlhbi5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 15:55:46 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=37, origin; dur=206
content-length
555
expires
Wed, 16 Nov 2022 16:55:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 47A3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 15:55:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 019D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 15:55:46 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
f8ff3509e9d7c54af090bbf350f3266392d7f0db2cb2aa5f0ef65c639c931ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Nov 2022 15:55:49 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9jYWktd2FuLXNoYW4tcmVuLWFpLXRhaS13YW4tbnUteWktcmVuLWxhby1nb25nLXNoaS1odW4tMW5pYW4tbHVuLXhpYW8tc2FuLXpoZW5nLWdvbmctbGluLWppYS1odWFuZy1mYmhlbi1kYS1saWFuLmh0bWwiLCJ0aW1lIjoxNjY4NjE0MTQ2NTQyfQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
server
nginx/1.14.0 (Ubuntu)
bid
ad2.apx.appier.net/v1/prebid/ Frame E2CC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=CvmJ1HPTDmW7aavoBAh1Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=CvmJ1HPTDmW7aavoBAh1Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:48 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 15:55:48 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=CvmJ1HPTDmW7aavoBAh1Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E2CC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=WhXV3MXbDj6ds_uzBAh1Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=WhXV3MXbDj6ds_uzBAh1Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:48 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 15:55:48 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=WhXV3MXbDj6ds_uzBAh1Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E2CC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Dng5u5JvCROM1F4_BAh1Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dng5u5JvCROM1F4_BAh1Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:48 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 15:55:48 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Dng5u5JvCROM1F4_BAh1Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E2CC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=IApQied7CE6o5oAwBAh1Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=IApQied7CE6o5oAwBAh1Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:48 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 15:55:48 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=IApQied7CE6o5oAwBAh1Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E2CC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=xsH8QQ_6CU661UQiBAh1Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=xsH8QQ_6CU661UQiBAh1Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:48 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 15:55:48 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=xsH8QQ_6CU661UQiBAh1Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 5DF5 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 16 Nov 2022 15:55:46 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 5DF5 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.41483648083156544
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Nov 2022 15:55:46 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame 5DF5 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5286479430391287
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Nov 2022 15:55:46 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame 5DF5 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&n=860&o=1&d=1&b=2&ts=1&ii=2&FPCK=570-X3KhG7eyOpmy2LDd8OdcXVSXzMNpO4zD&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 15:55:00 GMT
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
50
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
OBJZXV2cAk-P-obn_06-PT4zM_V27uI5CQ5BxEDTnsN4_GBSwa3sCA==
bid
ad2.apx.appier.net/v1/prebid/ Frame 5DF5
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=lqDE3o96B3u4-eGDBAh1Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=lqDE3o96B3u4-eGDBAh1Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:48 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 15:55:48 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=lqDE3o96B3u4-eGDBAh1Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 55FA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
109025
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 09:38:42 GMT
expires
Wed, 15 Nov 2023 09:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DDD0 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f105.1e100.net
Software
GSE /
Resource Hash
87f8018b7eae35a6ed27d2a22ed677bfb0e6cf6ba08175147aaf3f333dc9ae7b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DyNNeBl-Oiu1XEx5lFkmsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-DyNNeBl-Oiu1XEx5lFkmsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:47 GMT
expires
Wed, 16 Nov 2022 15:55:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2001 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
109025
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 09:38:42 GMT
expires
Wed, 15 Nov 2023 09:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 30BC 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f105.1e100.net
Software
GSE /
Resource Hash
92b9646d115a2701bdade38eec86f060a608a51c5b246696eb3c8dcea969aeeb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4SeaC6nIlKWxMNglm8YWXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-4SeaC6nIlKWxMNglm8YWXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:47 GMT
expires
Wed, 16 Nov 2022 15:55:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cdb
bidder.criteo.com/ Frame 5DF5 		177 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=66861063421
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
df5621c62860958cd84bd6fd151e357b4ba3f7a222cabf9a23d4d7268ae2629d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Nov 2022 15:55:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
cdb
bidder.criteo.com/ Frame 5DF5 		177 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=6204154936
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad7c97d0824ccf62431f9e88ab6e42557ad60c05948e58e115b17a13fa9dd10e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Nov 2022 15:55:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
bid
ad2.apx.appier.net/v1/prebid/ Frame 5DF5
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=jTv2CBnSAsm65ILQBAh1Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=jTv2CBnSAsm65ILQBAh1Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:48 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 15:55:48 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=jTv2CBnSAsm65ILQBAh1Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 5DF5
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=qgkN3Z13Cr2A-srsBAh1Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=qgkN3Z13Cr2A-srsBAh1Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:48 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 15:55:48 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=qgkN3Z13Cr2A-srsBAh1Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
events
bidder.criteo.com/csm/ Frame 5DF5 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 5DF5 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 55FA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:08:01 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 2001 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:08:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 30BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111001&jk=728050127139291&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame DDD0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111001&jk=2800462935582595&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:55:49 GMT
generate_204
tpc.googlesyndication.com/ Frame 55FA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9JKliA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2001 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RuL7vw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 16 Nov 2022 15:55:49 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
393272
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		324 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
814ee475a65ce4eb43748833478b05fcfca94039476fba20496dfd81e8cdb4b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
675603
expires
0
rid
match.adsrvr.org/track/ 		109 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f416e3b81b7df190069367d7884eeb43263c29b07cc44d6f1c1fb8554f55577b

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Nov 2022 15:55:49 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 16 Dec 2022 15:55:50 GMT
usync.html
eus.rubiconproject.com/ Frame 54B1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Nov 2022 15:55:49 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D336 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
40406
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 16 Nov 2022 15:55:49 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
30, 38223
X-Served-By
cache-lga13626-LGA, cache-mel11270-MEL
X-Timer
S1668614150.692157,VS0,VE0
sync
eb2.3lift.com/ Frame ED57
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
cc06378f7cf62ee00854c62ecbe2ca12959c523f9e1feb07f481180e8b93f56f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 15:55:50 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 16 Nov 2022 15:55:49 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame 4282 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14a15b9b179931b3755be7f019111567562bc0a808f2919740f70b2841f4b6ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=165042
content-encoding
gzip
content-length
11836
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 15:55:49 GMT
expires
Fri, 18 Nov 2022 13:46:31 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 02C1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
214
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76b169c3190e1c60-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 15:55:49 GMT
expires
Wed, 16 Nov 2022 19:55:49 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 5D44 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-13.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
84384
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Tue, 15 Nov 2022 16:29:27 GMT
etag
W/"02a59c9399d935f64b331e61178d2c9f"
last-modified
Mon, 14 Nov 2022 16:28:27 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 3e2d48e2701d85ed2900b5e1e8df2e24.cloudfront.net (CloudFront)
x-amz-cf-id
jbafNTub2oiBBeCWn7_qMSvlurKXbVMTrFenZWNc_mHdK9Ct_0Kl4Q==
x-amz-cf-pop
MRS52-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:9114884f-60db-4078-afb1-cde242f68696
x-amz-meta-codebuild-content-md5
3d437d58b8bd54e8a0e378e97cd0e39f
x-amz-meta-codebuild-content-sha256
85fe75fc3aebfc86893a7760fc0ac12e3ff269743874600311aae7eb8917fccd
x-cache
Hit from cloudfront
pd
u.openx.net/w/1.0/ Frame 943B 		533 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
46ffabdd418bd0cbd0e0fbac9e7b30b46610565f95cad648b7b1edae0d359e77

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
326
content-type
text/html
date
Wed, 16 Nov 2022 15:55:49 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 8BF1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1668614145957
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
51c4f2cf0148b740f4713c5ed14c5e70f6efaa72bfbbe75f3cecc00be1bc2959
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1372
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
t.ssp.hinet.net/ Frame 5DF5 		36 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
11fc6c67c988bbe028cdcb1dddb6c99014ccdca2cee29efd835288caf8539996
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:49 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame E2CC 		36 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
11fc6c67c988bbe028cdcb1dddb6c99014ccdca2cee29efd835288caf8539996
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:49 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 17 Nov 2022 15:55:49 GMT
sd
us-u.openx.net/w/1.0/ Frame 943B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3732945120016780590&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3732945120016780590&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3732945120016780590&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 943B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=d1b42d14-f077-7797-da21-48f033f67b8a&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=d1b42d14-f077-7797-da21-48f033f67b8a&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=11fe43f3-fdaf-4e93-a99a-20f132d88aae&ttd_puid=d1b42d14-f077-7797-da21-48f033f67b8a&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=11fe43f3-fdaf-4e93-a99a-20f132d88aae&ttd_puid=d1b42d14-f077-7797-da21-48f033f67b8a&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:49 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=11fe43f3-fdaf-4e93-a99a-20f132d88aae&ttd_puid=d1b42d14-f077-7797-da21-48f033f67b8a&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 943B
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y3UIBsCo8YkAAFKwndoAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y3UIBsCo8YkAAFKwndoAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
42
Date
Wed, 16 Nov 2022 15:55:50 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":42,"gdpr":false,"ipv4":"116.90.74.197","key":"Y3UIBsCo8YkAAFKwndoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad30"}
X-SO-Key
Y3UIBsCo8YkAAFKwndoAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad30
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y3UIBsCo8YkAAFKwndoAAAAA
Cache-Control
private
X-SO-HostName
m-ad30.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-IP
116.90.74.197
sd
jp-u.openx.net/w/1.0/ Frame 943B
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfHVCNw7kvEtks8ADv76RGwpcM8AAAGEgSdZZg
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfHVCNw7kvEtks8ADv76RGwpcM8AAAGEgSdZZg
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
via
1.1 3c5649f7d49e8f5b916e18a72b919074.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfHVCNw7kvEtks8ADv76RGwpcM8AAAGEgSdZZg
cache-control
no-cache
content-length
0
x-amz-cf-id
zBwIpI-poVN_ukgt09FBD5M8N_PrBasI3JC86-TumO4CgZVtF5Xi1Q==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 943B 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmRkYmZlZGUtMzkwMC0yOTMzLWNmYzEtMTI0OWY5MTRiNWVh
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 943B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOX409EBieF_pAjxKda-eJQ&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOX409EBieF_pAjxKda-eJQ&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOX409EBieF_pAjxKda-eJQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
emome2
t.ssp.hinet.net/ Frame E2CC 		30 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=f5f3f2ab-279a-42bb-bb87-e1b7945aa845
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:49 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
usermatch
ssum-sec.casalemedia.com/ Frame C75B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a8f21b1f9df7cf87c83463b52b33907feea6556eec0d0a674ba70b4da3d7609

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76b169c84d99aaed-SYD
content-encoding
br
content-type
text/html
date
Wed, 16 Nov 2022 15:55:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMCZBHrKm7AAdUflAb0fm6wqYX%2BK1BH3XX0g8RXMbEiXIZ5ZGqPfSnjkR%2BDzSAcAIyiHpxQSM6ImTbfnqBE95EaVzcHT8C%2Fxi7e70t%2B26b7QY%2B2o6ac%2BFnDsrvwlx5NqRcTSLwuRg3g4bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76b169c5cc71aaed-SYD
content-length
0
date
Wed, 16 Nov 2022 15:55:50 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3sybCgqZBSBdEHagiqKY%2Fdr4rXlV145o50GDRg%2BlK3bFSOaJRw2Iwi676Ijfg6SqFdVw2u7M6Khk75yGmLRdEDMehrMAa6JK8HaJXv522pk46AemxlIlmcb1PRqbax4r1%2FKqrXF4Pflew%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame D336 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:49 GMT
AN-X-Request-Uuid
2a52f505-121b-4d1e-a2ac-7223765079f0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-43.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:25:25 GMT
via
1.1 0f7e4995783c21b04a0e0537b8737dde.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1826
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
dCxZ4gSL9cX6BORi8vzF28mVF3Gw7v4YWabYI0_J-dRenOL2fO-9rQ==
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		181 KB
48 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1857996416543879&correlator=3536871503499573&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.07%26hb_ap_adid%3D74fc7227744a30b%26hb_ap_bidder%3Dix%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D76d618bcecd88c3%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1668614149946&lmt=1668614149&dlt=1668614137978&idt=11945&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1152364600.1668614150&ga_sid=1668614150&ga_hid=3870&ga_fc=false&ga_cid=amp-jsBsJgrUGeAZwKr_cIZSWw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
03c4a1f49717bc4d5e766008fdcd359f0a7ea72eafb05bd0eaa53061ff5a5484
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48951
x-xss-protection
0
google-lineitem-id
5221734845,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294466384,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6773 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:50 GMT
expires
Thu, 16 Nov 2023 15:55:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 95CF 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
f77e31b3fe6b0efdd40c819cfbfdb34ac7f9e112c790f8dd607edad49e85b06d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
server
cafe
etag
1116006578948929229
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 15:55:50 GMT
/
onetag-sys.com/match/ Frame 8BF1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=57866375-0806-4600-9887-67e19f4ea373&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=57866375-0806-4600-9887-67e19f4ea373&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 16 Nov 2022 15:55:50 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=57866375-0806-4600-9887-67e19f4ea373&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 15:55:49 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 8BF1 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 8BF1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2619822817631859109
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2619822817631859109
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:50 GMT
AN-X-Request-Uuid
b5665b98-0c7b-4f42-bd9a-8a20f808189f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2619822817631859109
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8BF1 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=uxAkiRC2gnEfKw5Pg1VxSOS6gz5uveMLD2pYhJux5Fg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8BF1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnWCBxTHXplg0k6HrqErLYqHrY6OEoCg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnWCBxTHXplg0k6HrqErLYqHrY6OEoCg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnWCBxTHXplg0k6HrqErLYqHrY6OEoCg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 8BF1 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
content-length
0
/
onetag-sys.com/match/ Frame 8BF1
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCIaQ1JsGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Wed, 16 Nov 2022 15:55:51 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 8BF1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
94QRVK26EQGSRTJ42PZ8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 8BF1 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-length
0
/
onetag-sys.com/match/ Frame 8BF1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 8BF1 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 8BF1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 8BF1 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668614145957
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 54B1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29d366523891287dbebb8df15b3603b9472e47000ae63ad749508a16b060b5d4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Nov 2022 12:43:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74879
Connection
keep-alive
Content-Length
10066
Expires
Thu, 17 Nov 2022 12:43:49 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8F04 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
637c4bb2adc3df8cba2337b294af87e3b032c5da379e153a0038cc6ce5b075e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
server
cafe
etag
8374278875264817783
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 15:55:50 GMT
sync
gum.criteo.com/ Frame 4282 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
324079
expires
60
usync.html
eus.rubiconproject.com/ Frame 8682
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 15:55:50 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 16 Nov 2022 15:55:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 182B
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Drkt%26refUrl%3D%26vid%3D861415009031161574974437970...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3116157497443797000V10&type=rkt&refUrl=&vid=86141500903116157497443797000V10&ovsid=1973209966069815918
219 B
652 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3116157497443797000V10&type=rkt&refUrl=&vid=86141500903116157497443797000V10&ovsid=1973209966069815918
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Wed, 16 Nov 2022 15:55:53 GMT
expires
Wed, 16 Nov 2022 15:55:53 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Wed, 16 Nov 2022 15:55:52 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3116157497443797000V10&type=rkt&refUrl=&vid=86141500903116157497443797000V10&ovsid=1973209966069815918
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D9BA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.32.206 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-32-206.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36644
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 15:55:50 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 17 Nov 2022 02:06:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 4282
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dapx%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=apx&refUrl=&vid=86141500903116157497443797000V10&ovsid=2619822817631859109
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=apx&refUrl=&vid=86141500903116157497443797000V10&ovsid=2619822817631859109
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 15:55:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 15:55:50 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:50 GMT
AN-X-Request-Uuid
978fbc76-91be-4aee-8b81-4ad3cbab6567
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=apx&refUrl=&vid=86141500903116157497443797000V10&ovsid=2619822817631859109
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 4282
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3116157497443797...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3116157497443797000V10&type=opx&refUrl=&vid=86141500903116157497443797000V10&ovsid=1998448b-5b77-4d77-b96e-369e8119e956
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3116157497443797000V10&type=opx&refUrl=&vid=86141500903116157497443797000V10&ovsid=1998448b-5b77-4d77-b96e-369e8119e956
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 15:55:50 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 15:55:50 GMT

Redirect headers

date
Wed, 16 Nov 2022 15:55:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3116157497443797000V10&type=opx&refUrl=&vid=86141500903116157497443797000V10&ovsid=1998448b-5b77-4d77-b96e-369e8119e956
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 4282
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dmma%26refUrl%3D%26vid%3D861415009031161574974437...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=mma&refUrl=&vid=86141500903116157497443797000V10&ovsid=98466375-0806-4f00-8e5d-7a4fc39ae493
45 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=mma&refUrl=&vid=86141500903116157497443797000V10&ovsid=98466375-0806-4f00-8e5d-7a4fc39ae493
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 15:55:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 15:55:51 GMT

Redirect headers

Date
Wed, 16 Nov 2022 15:55:50 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x2 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=mma&refUrl=&vid=86141500903116157497443797000V10&ovsid=98466375-0806-4f00-8e5d-7a4fc39ae493
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 15:55:49 GMT
usersync
usersync.gumgum.com/ Frame 4282
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dr1%26refUrl%3D%26vid%3D86141500903116157497...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dr1%26refUrl%3D%26vid%3D86141500903116...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6202773772
  • https://sync.1rx.io/usersync/tradedesk/11fe43f3-fdaf-4e93-a99a-20f132d88aae
  • https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
date
Wed, 16 Nov 2022 15:55:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2a46fe75a550453d90593a5278f7f8a6004
content-type
text/html
cksync
cs.media.net/ Frame 4282
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzExNjE1NzQ5NzQ0Mzc5NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENhFZN186qflJV34LBaGWD8&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENhFZN186qflJV34LBaGWD8&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 15:55:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENhFZN186qflJV34LBaGWD8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 4282
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Ddxu%26refUrl%3D%26vid%3D86141500903116157497443...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Ddxu%26refUrl%3D%26vid%3D86141500903116157...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=dxu&refUrl=&vid=86141500903116157497443797000V10&ovsid=2U41HBD41OVkLs5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=dxu&refUrl=&vid=86141500903116157497443797000V10&ovsid=2U41HBD41OVkLs5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 15:55:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 15:55:51 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:50 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0f40721276a047f1b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=dxu&refUrl=&vid=86141500903116157497443797000V10&ovsid=2U41HBD41OVkLs5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 4282 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
270446
expires
Wed, 16 Nov 2022 00:00:00 GMT
/
sync.ad-stir.com/ Frame 4282
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171250450&expires=5
  • https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=705b2411-319c-4b14-a843-22ef020a85ca
43 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=705b2411-319c-4b14-a843-22ef020a85ca
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
54.199.9.21 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-9-21.ap-northeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate
content-length
43
expires
0

Redirect headers

Location
//sync.ad-stir.com/?symbol=BIDSWITCH&uid=705b2411-319c-4b14-a843-22ef020a85ca
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
23178
stags.bluekai.com/site/ Frame 4282
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dzem%26refUrl%3D%26vid%3D86141500903116157497443797...
  • https://stags.bluekai.com/site/23178?id=MsWwf8IHFHnZv0DRHR-J&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
0
0
cksync.php
contextual.media.net/ Frame 4282
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3116157497443797000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3116157497443797000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=10bd117c-8581-4213-9501-2a374f797a90&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=10bd117c-8581-4213-9501-2a374f797a90&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 15:55:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 15:55:52 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=10bd117c-8581-4213-9501-2a374f797a90&cs=1
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 4282 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Demx%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.33.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-33-18.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame 4282
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 15:55:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
xuid
eb2.3lift.com/ Frame ED57
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 16 Nov 2022 15:55:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame ED57
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgyNDU1NTg2NTYwMTg0ODI1ODIwMQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame ED57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBnoDnnaZoVkC_27qT-7U7k&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBnoDnnaZoVkC_27qT-7U7k&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 16 Nov 2022 15:55:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBnoDnnaZoVkC_27qT-7U7k&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ED57
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgyNDU1NTg2NTYwMTg0ODI1ODIwMQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgyNDU1NTg2NTYwMTg0ODI1ODIwMQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgyNDU1NTg2NTYwMTg0ODI1ODIwMQ%3D%3D
date
Wed, 16 Nov 2022 15:55:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame ED57
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3824555865601848258201&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3824555865601848258201&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a8ab257c-0f44-4d07-bbdc-d834e408ba20&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a8ab257c-0f44-4d07-bbdc-d834e408ba20&_noobservation=1&_expected_cookie=f073965...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a8ab257c-0f44-4d07-bbdc-d834e408ba20&_noobservation=1&_expected_cookie=f07396575e40f920f1db22ee5985d64d
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.102.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Wed, 16 Nov 2022 15:55:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76b169d11a5ea941-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a8ab257c-0f44-4d07-bbdc-d834e408ba20&_noobservation=1&_expected_cookie=f07396575e40f920f1db22ee5985d64d
date
Wed, 16 Nov 2022 15:55:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76b169cf99c4a941-SYD
content-length
0
xuid
eb2.3lift.com/ Frame ED57
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3824555865601848258201&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3824555865601848258201&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=04c0247e-e01b-4cc3-83cd-420f5cb029ca&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=705b2411-319c-4b14-a843-22ef020a85ca&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=705b2411-319c-4b14-a843-22ef020a85ca&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 16 Nov 2022 15:55:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=705b2411-319c-4b14-a843-22ef020a85ca&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 16 Nov 2022 15:55:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame ED57
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3824555865601848258201?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-yoRDJLxE2oRBn0OAXs2q7NWyWJO3Oi41p2qaBGLEng--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-yoRDJLxE2oRBn0OAXs2q7NWyWJO3Oi41p2qaBGLEng--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 16 Nov 2022 15:55:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 16 Nov 2022 15:55:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-yoRDJLxE2oRBn0OAXs2q7NWyWJO3Oi41p2qaBGLEng--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame ED57
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3824555865601848258201
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3824555865601848258201&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3824555865601848258201&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VFECRGZJ54ACTAK3NFS3
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3824555865601848258201&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame ED57 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3824555865601848258201&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 75F95956505C41D6A97260EBE19CDC38 Ref B: SYD03EDGE1713 Ref C: 2022-11-16T15:55:50Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame ED57
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2619822817631859109&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2619822817631859109&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 16 Nov 2022 15:55:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
AN-X-Request-Uuid
570616c9-3f00-40a6-9820-19f95b70ac28
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2619822817631859109&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 95CF 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
cbfaf0dd189b92c3477cb5ef2a5519ae7861dc9aa33f68e5a899724c8a9519da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119610
x-xss-protection
0
server
cafe
etag
1252791868700096378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 15:55:50 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 54B1
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kN3qvAmMTZWrAhoz1Mu2kA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kN3qvAmMTZWrAhoz1Mu2kA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kN3qvAmMTZWrAhoz1Mu2kA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X113GJRM5TFE6ATH0TCT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=kN3qvAmMTZWrAhoz1Mu2kA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 54B1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWY1OGU0MzRjMjcwODA2MjRhMmI3MzBhZjJjNzIwMGE5ZjQ5OTM0YQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWY1OGU0MzRjMjcwODA2MjRhMmI3MzBhZjJjNzIwMGE5ZjQ5OTM0YQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWY1OGU0MzRjMjcwODA2MjRhMmI3MzBhZjJjNzIwMGE5ZjQ5OTM0YQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 54B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKUUsxao3CrbgEzTxaIlVPA&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKUUsxao3CrbgEzTxaIlVPA&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKUUsxao3CrbgEzTxaIlVPA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 54B1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJTS2X6-O-7T07
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJTS2X6-O-7T07
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 4E0D3D04293E43558F4E99EB98C7C92D Ref B: SYD03EDGE1015 Ref C: 2022-11-16T15:55:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtmIHFExN3IA7le1b7YA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJTS2X6-O-7T07
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 54B1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 54B1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vRArkAYbT1qfJV-E-PoO4g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vRArkAYbT1qfJV-E-PoO4g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vRArkAYbT1qfJV-E-PoO4g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CVP58AWD14REX3F1GX52
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vRArkAYbT1qfJV-E-PoO4g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 54B1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zZA3qTSmdRRbRfMow9UTHQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5824054178760376436
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5824054178760376436
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 16 Nov 2022 15:55:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5824054178760376436
content-length
0
pixel
cm.g.doubleclick.net/ Frame 54B1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKVFMyWDYtTy03VDA3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKVFMyWDYtTy03VDA3
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKVFMyWDYtTy03VDA3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
collect
www.google-analytics.com/g/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=3870&cid=1152364600.1668614150&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668614150&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&dt=%E8%94%A1%E5%AE%9B%E7%8F%8A%E8%AA%8D%E6%84%9B%E3%80%8C%E8%87%BA%E7%81%A3%E5%A5%B3%E8%97%9D%E4%BA%BA%E8%80%81%E5%85%AC%E3%80%8D%EF%BC%81%E3%80%80%E5%A4%B1%E5%A9%9A1%E5%B9%B4%E6%B7%AA%E5%B0%8F%E4%B8%89%E2%80%A6%E6%AD%A3%E5%AE%AE%E6%9E%97%E5%AE%B6%E7%92%9CFB%E7%8B%A0%E6%89%93%E8%87%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 47A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111001&jk=2800462935582595&bg=!kZKlktbNAAbvMpMzzzI7ACkAdvg8WnPqVtyon0kW1Iy7nu0rpjTOUeqsOD8SAmayieVe09KXbLKMgAIAAABxUgAAAAJoAQcKANpZjfzrbisCKddFXg3nty-H78obfPAwT_TJ6vA9lue-iiM4YDFaiDHty2r1VBV7xviAqaxcDMEQTMG590Hlz5-Gn0KH2NYAw6L1oP4RC0uweBlmqHUPtE_VRtA8lfz7j8A3quYRYIyzR4FliwKbrltPq4NG4JSA-NlsKV3r9FZtyDucikKc7_0IOwE0PuUxuhADv9wndvmzvq7UkeFe5qDVizQ76SHKpCNX3J5Yt1an5XlaPNUnlAQ7mWL2tPud0dQGD1rusRZFu6J1kgUeXnhpPd6-TUh4gv7cJZkCt51iLgZubl-EWpuuGaMal9iyQinBuGD4fAzTSHvMDmZ2O1QcS1RKfuaARmbLx6ljLO_3WTrdE9OcnHkRsW3OAEnSwBG656eJXcuiAJY0U1QbtEzGvc1OlilSqmsvS9EPdMOc30JH8BojHvmfyaAlXG62YVOtwX4eVlmlwNiR4WSRnmJvQut74AUIRpdAd2J_scszodIv9JWYSwbpwXS-_Vx1XVqEBTo1qG22ceBQBWgPaIgKqQ5asBjfdq35qcV9jauWcFAUKRLbP8Q7KKi52lwX0WwJuTowc5lwmCpOJ1OS6MV9sFkoqcGlpHXkUqysHJsro_kpkuWVSr9i3L5F9-FRuADf-Jq89cgcwnPEwOzyq04eP7mu-cuwYNYr7frDxRNXv7LJftE-UjgqHVUolCs18T69GHIx-C1w64DHdHz88emLU5pHEdItBW1n0nKrT2W26k4tAt7bSc-p43LeZwFecJxohwzF1lhPVL5lhn3bc19HKnYTO2q01mCuODK9Ofa2CKoQYNfWCu15BvYYhNTbc69U-WcJOl9-z7uLVJZU_oj3uYbiOzHWZlSAdc0Q4ZsBG-YrmphjYz5RB8mq9kb2m7EhtYseyxn1JymtefD36esa-O0XiCLnFHUlGfSw3Lcj20kXoBSHD9W5mugkyypYUxKEbTUEJc0CSkCrXOhBXKU0zgDtb0tPu72zGPV0ugbuNRXKbzsAsBfamrqZlFpIfdV_tHfCyeOMU55Vf8YaA2C6uBMt8ESDc6PN9FQyxaVIySAnMiCudWhR08mXKSfYEb8npnLjTNHiWEHnefsp4fXRJS88MwRlKxAg8vlgNyTwhnjJ0MwXHUHFNzTc_0qzUgDIQubsZ3KXrk1q3hm5BsKIQ44uKw0hzRZHz7yRJkzhTp7kPFaCQNbCCDuwgtGjBZIXbluw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 8F04 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
b4759bb4f7feb87cdfa4b36b4fe2754a54224629226f76df1287a5873c1176af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119603
x-xss-protection
0
server
cafe
etag
18041840905878368703
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 15:55:50 GMT
13926
g2.gumgum.com/usync/ Frame 9345 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.208.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-208-41.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c438cb1f8aa555c781008f562f92be5a7e79e1a47f13d2a9fcadde7a979c76db

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 16 Nov 2022 15:55:51 GMT
etag
W/"0814f1126cd58b279e3f43cc6574375d2"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 0017 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
f407277179ec4eb22ad93ee875e53af0588c93774bafa55ac14a14279c467dbf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1397
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 9331 		747 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
107728d167373806ea160ecdd67ac67ca6cf824f2d660c63af29cfd9fd6fbebc

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
747
content-type
text/html
date
Wed, 16 Nov 2022 15:55:50 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 284F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e19d670aaac134ca36b150c5da12150cafc76fe5ae6a832a4d8cfebbd1cab6fd

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76b169c95e09aaed-SYD
content-encoding
br
content-type
text/html
date
Wed, 16 Nov 2022 15:55:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44PgfwqpieB7EGdFBToObr%2BGF%2FgnhgjkDzOoJ2sd1ZOK9%2BMXk8JiX8wmHUlYbyFf4pIxDl%2FmQSAQDOh3cVSD%2FAFtfBuLKex%2BpVj08ski03Wiu62sQKeVlGUizjw1ounmSidq9cZcZyDO9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8EAB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Nov 2022 15:55:50 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 16 Nov 2022 15:55:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3C53 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.32.206 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-32-206.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36644
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 15:55:50 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 17 Nov 2022 02:06:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame ADEC 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-118.sin2.r.cloudfront.net
Software
/
Resource Hash
fbd455f1c72d34c76950219ae787ffd73c7a62ae2ef598f427d6f2e3eb784a7c

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Wed, 16 Nov 2022 15:55:51 GMT
via
1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
x-amz-cf-id
WIDJwWF1nzVj9m007yGlkwG3JDEhxaZplZqHSeDLVfPilHL10e4p4A==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame 5D44
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=2619822817631859109
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2619822817631859109
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:50 GMT
AN-X-Request-Uuid
b56ce76b-85cd-4313-ab3c-4b39fea7f501
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=2619822817631859109
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 5D44
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FqV7ERZH4bTf5-KeT3KD7DYS
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FqV7ERZH4bTf5-KeT3KD7DYS
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FqV7ERZH4bTf5-KeT3KD7DYS
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 5D44
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FqV7CLZHjqU-OgFCQc6Tkmfl
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FqV7CLZHjqU-OgFCQc6Tkmfl
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Wed, 16 Nov 2022 15:55:51 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FqV7CLZHjqU-OgFCQc6Tkmfl
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
usersync.gumgum.com/ Frame 5D44
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668614150948
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2767501738
  • https://sync.1rx.io/usersync/tradedesk/11fe43f3-fdaf-4e93-a99a-20f132d88aae
  • https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
date
Wed, 16 Nov 2022 15:55:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2a46fe75a550453d90593a5278f7f8a6004
content-type
text/html
sync
ads.servenobid.com/ Frame 5D44
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1975180290104658928
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1975180290104658928
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1975180290104658928
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 5D44
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=5184bf1c-c6e7-4bf4-ac4a-e0d1237018c7
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=5184bf1c-c6e7-4bf4-ac4a-e0d1237018c7
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:56 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:55 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-63
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=5184bf1c-c6e7-4bf4-ac4a-e0d1237018c7
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cookie
cm.adform.net/ Frame 5D44
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F36468%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dcc4de2f7-fe76-4125-8caa-605e...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F36468%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F36468%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Wed, 16 Nov 2022 15:55:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 5D44
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
date
Wed, 16 Nov 2022 15:55:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 5D44
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-d048e3e4-f726-324c-b4e7-cad8247aa29d
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-d048e3e4-f726-324c-b4e7-cad8247aa29d
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-d048e3e4-f726-324c-b4e7-cad8247aa29d
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame 5D44
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar
pagead2.googlesyndication.com/pagead/ Frame 019D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111001&jk=728050127139291&bg=!DwylDEjNAAbvMpMzzzI7ACkAdvg8WlTD29qrgcUiiOhx_fSL47iv6Bx_hLaXk5fd35cpH-ObLAnbxAIAAABRUgAAAANoAQeZArizivlacWID3HwE42jul22_1lJYV_i53aYm-OTDX03rGwij5L96ffkvnRIEA6FBFgQzpC_pAoz0oyaeSGuUZUuRtHGPyPZmgEN8jnqUS6ezeFHPjzhAxDA12XNNH94Npr6P1m_1Y0BEyMx0cdBFIkFJctdx9GOfAJ8g4MueArl0JfrfQkOGpUSGLDw92aldEg1rORq_CK_-P2rZbK64ZhgFnAE2hRpXVX7bH7BrOzjrUcGVjFgVDSM1PjJPs30XwQ_xN51AQcOdnuNVWZdewRR_Fu3_r7j-e_ji2kTsMVciTUOejl5wOocvyzqa-FNlE8zrfqdOpbrIkYcOwQT1KrMHRCWAwyJ20_iZT-WoYJeTnsz-LJpM7Lxhp-AVMphiARiAKioxPNNGaslHCh77Hn83YpChdNYZ_0LQ9G19-Y5HJAiccAxykBi7edXv8Keo6iyjDAI4Ul0ihwop_6QDo1aLsfFhjps6RA5hP_LtmjBqeEffQgiKUmiRYbVn57KHo4EIQZdyf2j7cQyy1HsjjmFBYgfg_VPlkk8pXcFQyqVbrm-HrGev1mvyD6wm6w6eRXIs-y8qJMO21xgcaPVq7E1L5XwFyiQWuFFQWQRgYbGU8R0GSXhgcnoLhGagqhbyg4VK_x6H4I5bYqZ_FDClwl80exWVSFCBzSCldU6eF_zhe6JjrTTgqbSMrk0beaawvmdfMx11iYCse0Dsq8sSJZUmGl4qNYMjy-5EN9-m7u5d0F1eoUdQqnW1fs1m6InBxP4BIl_bHAQubXcFT-MpPTbzqhPcvlgtVNqQrjDJq_sD_gEr7U8OjQzmY2fqrpPgDRBhN4sOPgYPO4o3m06Ez4o-yZFC2EVVH4f9lLfpSYLQf6lP_5LVzledyOBiaq-boJuy1846EVY1UZyGkbfFOa3mdBW_2EWRTTY
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel;r=2007414047;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html;uh...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2007414047;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1491399323-1668614149815;pbc=0218124d-59f0-4860-80f7-801857d14877;ns=0;ce=1;qjs=1;qv=4a00825e-20221110201859;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1668614150638;tzo=0;ogl=;ses=5dffb677-d512-4b5c-a4fe-cbaca2792302
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6363 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_ZZcM1kw4C6RerkUP-rmJI4YiXjiQfCNcJD_1Vb6-hsNQ8f2OGMDai3zEn9ST9vaaUlqgwhhdF8wkqKqDAY71gcQnSuFqD4_xvQLFmJIn7RRG3-q-l9OL25kqjtfRlcgPA2ngegArg6IcAZFVQl3qlG_6rB-doffgMFedmxtsmGC77UrhULGI9oTY8-lvfBKBV_VKeZudQIprk-Lf8PhgkX4OUBIATU5gu--m0u7LnFpsFXX5Vvh2Ca_20HeftdQGrxqDaLFeEMx1cEacGQ4mQ648j1xpaeGVeQLA99C3D9PJgIICc0i--0mT&sai=AMfl-YQp3tQVp4y4UGy_2qrUtz2eDwHVryl7swVLtGmN_0B7SiWWI5nPPHWwb2KPs5FcqiWUt7vcYlH44ao_GZgFTGuVCslr3LVH_C6DbAZ4Ae-Rijaz-0_PbbdnHPfUb340&sig=Cg0ArKJSzAxP9EkoMByeEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adfetch
googleads.g.doubleclick.net/pagead/ Frame 6E60 		82 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
d887047bec7bcec47e47aa0e7f6bd2e9c8c80a9e79e4fc6855c64cad57b634b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
32517
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 6363 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:46:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
582
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3003
x-xss-protection
0
server
cafe
etag
2660866305706646737
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 16:46:08 GMT
2805b607-5003-4cde-83b7-ab5233a920d8
a4732.casalemedia.com/impression/v2/693656/85/cdqgg0bic75afb8tjcu0/ Frame 6363 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4732.casalemedia.com/impression/v2/693656/85/cdqgg0bic75afb8tjcu0/2805b607-5003-4cde-83b7-ab5233a920d8?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1668614745&creativeID=2a4ae9&pubID=189372&format=banner&channel=site
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.86.202 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6363 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-Cxmx_lxtohrQ1-v93H5Cyuo_tTUhMVEeGld644pCsaUznURiEIE_E8ANG_OmqIJoR4qpasmwsMyPKP9TyskiVLbh-0ew&pr=13:Y3UIAQAAAADju3ig0ObM7y3UYfBIQlRwti5DHA
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6363 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 15:55:51 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9jYWktd2FuLXNoYW4tcmVuLWFpLXRhaS13YW4tbnUteWktcmVuLWxhby1nb25nLXNoaS1odW4tMW5pYW4tbHVuLXhpYW8tc2FuLXpoZW5nLWdvbmctbGluLWppYS1odWFuZy1mYmhlbi1kYS1saWFuLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04NmU2MzIwNy00OGU2LTRlZDktOTIxNC0yNTVjNWI0ZDNlNGMiLCJiaWRzIjpbeyJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDcwMDAwMDAwMDAwMDAwMDEsInJlc3BvbnNlVGltZSI6NjU5LCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJpeCIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMDcwMDAwMDAwMDAwMDAwMDEsIndpbm5lckFkVW5pdElkIjoiNzRmYzcyMjc3NDRhMzBiIiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzAweDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6ImEyMDk5ZjgzLWY4NTYtNDYyYi04YjNkLTE3MTJjZjRkYmE5MCIsImhlYWRlckJpZGRpbmdUeXBlIjoxfQ%3D%3D&c_b=14444.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=14454.5&data=eyJsaW5lSXRlbVR5cGUiOiJIQiIsImF1Y3Rpb25JZCI6ImEyMDk5ZjgzLWY4NTYtNDYyYi04YjNkLTE3MTJjZjRkYmE5MCIsImNvbXB1dGF0aW9uSWQiOm51bGwsInNsb3RJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInBhY2tldElkIjoiMDAwMEE3MDEtODZlNjMyMDctNDhlNi00ZWQ5LTkyMTQtMjU1YzViNGQzZTRjIiwiY291bnRyeSI6Ik5aIiwic2l0ZUlkIjo0Mjc1MywidGltZVN0YW1wIjoxNjY4NjE0MTUwNzYwfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
nginx/1.18.0 (Ubuntu)
usermatchredir
ssum-sec.casalemedia.com/ Frame C75B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBVb-kyyvWcaSJXcAmGSOhc&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBVb-kyyvWcaSJXcAmGSOhc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyO0LXN2k1swZsAij0LRNpZYjD7CM65OmCz0FXJfGQ%2BlDuzrChyauTQDbQdWl2TVR%2B5dlXL0cdfecTG1F0mybMZn0eVr6NqUj7IvsNb%2BrvbteXPksTTOxmhUpk3SKNJROsB8iwb%2BmreUUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76b169cc9f87aaed-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBVb-kyyvWcaSJXcAmGSOhc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C75B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=11fe43f3-fdaf-4e93-a99a-20f132d88aae&expiration=1671206151&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=11fe43f3-fdaf-4e93-a99a-20f132d88aae&expiration=1671206151&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=11fe43f3-fdaf-4e93-a99a-20f132d88aae&expiration=1671206151&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame C75B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3UIBqQdqjPD9BouCJPzsQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENJsNqQIz8BNySxSbuQOx1Q&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENJsNqQIz8BNySxSbuQOx1Q&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENJsNqQIz8BNySxSbuQOx1Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C75B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CP563GV94S4DYNXV096Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5N4GMBJC8N2SMQT5VTJT
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C75B
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2efa6d9d710d4719bfbe9d1fb3130b25&expiration=1671206151
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2efa6d9d710d4719bfbe9d1fb3130b25&expiration=1671206151
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2efa6d9d710d4719bfbe9d1fb3130b25&expiration=1671206151
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C75B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
18.141.128.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-128-115.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB
date
Wed, 16 Nov 2022 15:55:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
23178
stags.bluekai.com/site/ Frame C75B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=QxzamAmPTWC3jVM_z9vS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
0
0
crum
dsum-sec.casalemedia.com/ Frame C75B
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684252551&external_user_id=e2681fb2-698f-4fb6-8d88-fc0850f953e6
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684252551&external_user_id=e2681fb2-698f-4fb6-8d88-fc0850f953e6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Wed, 16 Nov 2022 15:55:51 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684252551&external_user_id=e2681fb2-698f-4fb6-8d88-fc0850f953e6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
htw-pixel.gif
cdn.indexww.com/ht/ Frame C75B 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y3UIBqQdqjPD9BouCJPzsQAA%265332
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
13138
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76b169cfff081c5c-AKL
content-length
43
expires
Thu, 17 Nov 2022 15:55:51 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame DDCD 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 23:08:01 GMT
age
60470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 23:08:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DDCD 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 22:54:03 GMT
age
61308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 22:54:03 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DDCD 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 23:13:02 GMT
age
60170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 23:13:02 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DDCD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 23:07:34 GMT
age
60498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 23:07:34 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DDCD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 22:41:14 GMT
age
62078
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 22:41:14 GMT
truncated
/ Frame DDCD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9580af945dc04915b9dfe249304d2b3658bc07159b5d2180a42899eb336946e4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
CC_Tyre_Centre_OCT_Our_Reviews_Speak_For_Themselves_EMEC_GDN_728x90.png
tpc.googlesyndication.com/sadbundle/8444619643638210031/ Frame DDCD 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8444619643638210031/CC_Tyre_Centre_OCT_Our_Reviews_Speak_For_Themselves_EMEC_GDN_728x90.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
51ea63533ada918dc8595d04b77e0249c4144a65f8c819061d8f76bc0bd07985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
x-content-type-options
nosniff
age
28062
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24109
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 04:36:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 Nov 2023 08:08:08 GMT
container.html
a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 36D5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:50 GMT
expires
Thu, 16 Nov 2023 15:55:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DDCD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 21:19:53 GMT
x-content-type-options
nosniff
server
cafe
age
66957
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Wed, 16 Nov 2022 21:19:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DDCD 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 10:20:07 GMT
x-content-type-options
nosniff
server
cafe
age
20143
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 17 Nov 2022 10:20:07 GMT
l
www.google.com/ads/measurement/ Frame DDCD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuoVg87kbwqUttic5288Q5pRy6vQhyxsdFlklmiWEI86LWC-pcxn-J7YMDjRibfH5oUmHvKq9uFpDZrnrgVOpnooCJ8w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame DDCD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1Ji2Bgh1Y7HJB5qd3LUP15CigAqds-esbZi4sv7qEP2Tt8nmMRABILqEwDNgq-yxheAYoAGDo6bNA8gBCakCy9SHrqO9pD7gAgCoAwHIAwiqBOACT9DkA0gLyAmm2CGacIQ63wK702tQadBBnozP_DenXUjPE_Vx1gcpIET8UYG9YpjZ_87HlblD_5D4QZbiVS7rcPoK-W0Gl9hOiPd9lanfsq2gzuOfP5XtSbN6NAkw1BsSfUYsJ-SZTO5sKyPhRLJB6Zw7GkJ12393igUhhuWScMd8tpXolca0Xp1K1ZeC0-guAnqDYUWYVOCLpTriWLNkSAJ_cm8V2v8PdfTIyf9ruDFvfzCXTLfIxuJfpGiBm2ZgzPzkuOV3YC4P0Tk9JQT9FfprBr9fwPwjvSX5ErYAYqzVMDiAlOew9TbSEOTmEvUInOt5Nw9U0LHuMsuSSUZfO5-UDNfGrin42tEBSQrrapilsF-YvNrYVBjz-dGLDDNJv8yWE7uqfjhdIgcFxwCWHH4LzokuNupcwe1t8hYohdSTpSCEfy_Jd3U2I6WNadu4D50U2jX8GRpArT3KIWQR5MAEu-Db1OwD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-Xc2TKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD2qgLSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwrQFQGYFgGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=fHy4rE7T7UY&uach_m=[UACH]&cid=CAQSOwDq26N9XBkVlfkQHu-YsVJ7Jk6Hil5eppjiLs5DpQfvSrAxJLdgivZ51Lr_WtnskhiiKiGFyg9nQJZVGAEgEw&template_id=419
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=14498.20000076294&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJhMjA5OWY4My1mODU2LTQ2MmItOGIzZC0xNzEyY2Y0ZGJhOTAiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTg2ZTYzMjA3LTQ4ZTYtNGVkOS05MjE0LTI1NWM1YjRkM2U0YyIsImNvdW50cnkiOiJOWiIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2ODYxNDE1MDgwM30%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
nginx/1.18.0 (Ubuntu)
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=14499.400000572205&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJhMjA5OWY4My1mODU2LTQ2MmItOGIzZC0xNzEyY2Y0ZGJhOTAiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwicGFja2V0SWQiOiIwMDAwQTcwMS04NmU2MzIwNy00OGU2LTRlZDktOTIxNC0yNTVjNWI0ZDNlNGMiLCJjb3VudHJ5IjoiTloiLCJzaXRlSWQiOjQyNzUzLCJ0aW1lU3RhbXAiOjE2Njg2MTQxNTA4MDR9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
nginx/1.18.0 (Ubuntu)
Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 284F 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.128.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-128-115.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 284F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2619822817631859109
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2619822817631859109
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
AN-X-Request-Uuid
bb03f2bb-39bc-4726-9007-e87be7fcf0f1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2619822817631859109
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 284F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEhNU7G6hAAAB9n8RVSnQ&expiration=1669823752
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEhNU7G6hAAAB9n8RVSnQ&expiration=1669823752
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEhNU7G6hAAAB9n8RVSnQ&expiration=1669823752
Date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 284F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3732945120016780590
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3732945120016780590
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3732945120016780590
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 284F
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=086122041975a554618cf97e&expiration=[EXPIRATION]
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=086122041975a554618cf97e&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=086122041975a554618cf97e&expiration=[EXPIRATION]
date
Wed, 16 Nov 2022 15:55:54 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 284F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3UIBqQdqjPD9BouCJPzsQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENJsNqQIz8BNySxSbuQOx1Q&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENJsNqQIz8BNySxSbuQOx1Q&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENJsNqQIz8BNySxSbuQOx1Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 284F 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.242.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-242-203.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 284F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HCIqNVSG1OVkLt5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HCIqNVSG1OVkLt5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:50 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0f40721276a047f1b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HCIqNVSG1OVkLt5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 284F 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
async_usersync
ib.adnxs.com/ Frame D336 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
AN-X-Request-Uuid
af9d2f66-fea5-43fa-aa97-90d73329397e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D9BA 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66957276&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
633b5e9411b1b53c04f0e4d698d1425ef66f89127c08596fc38402d510cc53d9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 15:55:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame E7EB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d62b7e48d4569f97e16e5bd4d3249fa9bcc2f5a5f4b22036e779f59478783ff

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76b169cc8f82aaed-SYD
content-encoding
br
content-type
text/html
date
Wed, 16 Nov 2022 15:55:51 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZttiPEYggTa49Dmc7bgEIRVfgcnHMo1E0Mac28t0Yu4vjgX0913SrWQQeYrutCBLrgG5eBr21hcSPKABw41RRyakUkL3wkIHrZh7kO59MdczmfHFNJcTq8DrGkmre3C4pvWunsNvl%2Fu4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 0017
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnXFxtaUk5vTXPzMn_E8EQf4T_YYidDQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnXFxtaUk5vTXPzMn_E8EQf4T_YYidDQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnXFxtaUk5vTXPzMn_E8EQf4T_YYidDQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 0017 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame 0017
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 0017
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 16 Nov 2022 15:55:51 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 15:55:50 GMT
/
onetag-sys.com/match/ Frame 0017
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LAJTS2X6-O-7T07&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LAJTS2X6-O-7T07&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LAJTS2X6-O-7T07&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
/
onetag-sys.com/match/ Frame 0017
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2619822817631859109
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2619822817631859109
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
AN-X-Request-Uuid
98a32951-39ad-47e4-b1d6-3976a3c59a47
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2619822817631859109
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0017 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=_de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 0017
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=8311656690547555136
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=8311656690547555136
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=8311656690547555136
date
Wed, 16 Nov 2022 15:55:50 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0017
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T0EMTJ6PJKKRF0MFQX6T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 0017
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
  • https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
date
Wed, 16 Nov 2022 15:55:51 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 0017
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
date
Wed, 16 Nov 2022 15:55:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 0017
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
/
onetag-sys.com/match/ Frame 0017
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=vMmZKbrCniqnmct_spmDeuufmCynwpYo75nVXR9U
  • https://onetag-sys.com/match/?int_id=30&uid=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=&us_privacy=
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame 0017 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=_de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 8EAB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29d366523891287dbebb8df15b3603b9472e47000ae63ad749508a16b060b5d4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 12:43:24 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=74878
content-length
10066
expires
Thu, 17 Nov 2022 12:43:49 GMT
usync.js
eus.rubiconproject.com/ Frame 8682 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29d366523891287dbebb8df15b3603b9472e47000ae63ad749508a16b060b5d4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 12:43:24 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=74878
content-length
10066
expires
Thu, 17 Nov 2022 12:43:49 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6E60 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COrLGAQh1Y4GTE7mrmsMPgpSusAW248y1bbXvy9fQEL-7wbjBCRABILflhCFgq-yxheAYoAGFq_mBAsgBA6kCwwZX0OjBpD6oAwHIA8kEqgTHAk_Q9JML2OjG_aM8QPG-JFqLSmyTRy0guY7OFUKa0Pp04q-wg6RQNoPXW7bls3RkG9SnCNvb1WtaBy6sGQYv1yCsIstQtIC2BqfyOK5M6eSb7yO1n4vDBqbBg-F_hzRV-t9slPV02Cn4tV2JzYcPh1bsrFVTndATeuYExbrjtSRKgqiwE-gPwr4WOddPB0vOdw6mPgSoYdUWNv4AgWQxXKhTwQF3wSGF3IfwOKclfKF513Q-5E3mhWMVjk2mtm-i5hU2YPZJV4YYnUFbEOjDAGD_wcTYWBNUcKkZHGf7rh59GL41mOt3GQVqjH07oD7-4ahHkkgVfut-amCgkr20p-koLvwcoSV6j0dJ3TPLcveXobsAbeWzAJ2mwWz6PWKrqnMpXMuN4HjDV7sGhtsfRAgfKZSIsFGygNuHdDTuRZAFAXQgMUtX8sAEx5Wp9JcEkgUECAQYAZIFBAgFGASgBgOAB-PUhv4BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHSCA8IgGEQARgAMgKKAjoCgEDyCA1iaWRkZXItNjkzNjU2gAoEyAsB2BMK0BUBgBcBshcICgYIABIAGAA&sigh=m93_P6w4gyM&uach_m=[UACH]&pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Nov 2022 15:55:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
7858232299141590587
tpc.googlesyndication.com/simgad/ Frame 6E60 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7858232299141590587
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
4a19c329e8dd04f09ed8f699d06c6b0dbae69ffd6eb7a9f1f2e6a53b0ad92c5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38522
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 03:58:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 Nov 2023 15:55:51 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 6E60 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 15:58:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
86250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 15:58:21 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6E60 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 15:58:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
86250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1280
x-xss-protection
0
server
cafe
etag
8058174711348553767
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 15:58:21 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6E60 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
890198226d0fa2755e670f66e533d7d78e52eca75788b2023029ad6407ad4664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 15:58:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
86250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9996
x-xss-protection
0
server
cafe
etag
15736932386263499371
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 15:58:21 GMT
l
www.google.com/ads/measurement/ Frame 6E60 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSenw_LM5Byc-9XHsXRaV_4fIeo_6PCU4fZxZ-z5YEz63RMyz7JbmYIhjrQ90TYhLj9rsMBQxiE2TzDeCEWM760hQpTPQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6E60 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 15:55:51 GMT
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6E60 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8b7b3af39bc9c88790f0b2548a96f1055e5654837612f82ae31230f3ff044131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 17:09:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
81988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18001
x-xss-protection
0
server
cafe
etag
5662655178730704539
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 17:09:23 GMT
usersync
usersync.gumgum.com/ Frame 9345
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2619822817631859109
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2619822817631859109
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:51 GMT
AN-X-Request-Uuid
d3405b22-e607-4d8e-bf8f-84fe76b60481
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=2619822817631859109
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9345
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_a636cbe7-8279-4958-b890-abe0dbbf1a49&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D705b2411-319c-4b14-a843-22ef020...
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=HCIqNVSG1OVkLt5&expires=30&ssp=gumgum2&bsw_param=705b2411-319c-4b14-a843-22ef020a85ca
  • https://usersync.gumgum.com/usersync?b=bsw&i=705b2411-319c-4b14-a843-22ef020a85ca
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=705b2411-319c-4b14-a843-22ef020a85ca
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=705b2411-319c-4b14-a843-22ef020a85ca
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 9345
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-188f12ba-dbfd-4929-63b3-9f0119446c8b$ip$116.90.74.197
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-188f12ba-dbfd-4929-63b3-9f0119446c8b$ip$116.90.74.197
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-188f12ba-dbfd-4929-63b3-9f0119446c8b$ip$116.90.74.197
Date
Wed, 16 Nov 2022 15:55:52 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
23178
stags.bluekai.com/site/ Frame 9345
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_a636cbe7-8279-4958-b890-abe0dbbf1a49&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=VxIyNl3vAOXIjjM_qlT5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
0
0
usersync
usersync.gumgum.com/ Frame 9345
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6095151003
  • https://sync.1rx.io/usersync/tradedesk/11fe43f3-fdaf-4e93-a99a-20f132d88aae
  • https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
date
Wed, 16 Nov 2022 15:55:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2a46fe75a550453d90593a5278f7f8a6004
content-type
text/html
usersync
usersync.gumgum.com/ Frame 9345
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=HdfX6VhaSwVQ&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=HdfX6VhaSwVQ&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=HdfX6VhaSwVQ&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d97b86c77-8kxs7
expires
-1
cookie-sync
sync.outbrain.com/ Frame 9345
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%285Wk5tO34SYujKQoTPcQttIMWAR3ddV9wyv3_2JnMi86VgXNUX3feGY0iszPRBZGz%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_a636cbe7-8279-4958-b890-abe0dbbf1a49&obuid=ENC(5Wk5tO34SYujKQoTPcQttIMWAR3ddV9wyv3_2JnMi86VgXNUX3feGY0iszPRBZGz)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=lUNiwk7HDFS1zHnbAq8u&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=lUNiwk7HDFS1zHnbAq8u&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
38.133.127.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:53 GMT
Cache-Control
no-cache
X-TraceId
8cf4c44fef7892d134694faae8cf3493
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=lUNiwk7HDFS1zHnbAq8u&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:53 GMT, Wed, 16 Nov 2022 15:55:53 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9345
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=26898964-d862-4fc1-bd5a-581dfba67acc
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=26898964-d862-4fc1-bd5a-581dfba67acc
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=26898964-d862-4fc1-bd5a-581dfba67acc
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 9345
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Y3nN_MFE2pcMTwGfFFj938QYIgkRMr2NfoHh~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Y3nN_MFE2pcMTwGfFFj938QYIgkRMr2NfoHh~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-Y3nN_MFE2pcMTwGfFFj938QYIgkRMr2NfoHh~A
content-length
0
usersync
usersync.gumgum.com/ Frame 9345
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=921a6151-3110-4680-89a6-307395445772
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=921a6151-3110-4680-89a6-307395445772
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=921a6151-3110-4680-89a6-307395445772
Date
Wed, 16 Nov 2022 15:55:53 GMT
Connection
keep-alive
X-CI-RTID
64f3f7ef-633b-4546-8223-fe69862c014f
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 9345 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.158.42.199 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
404728424
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 9345 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 9345
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=0cd6dd90-289f-4e28-8225-ce4c1ecf1e22
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=0cd6dd90-289f-4e28-8225-ce4c1ecf1e22
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=0cd6dd90-289f-4e28-8225-ce4c1ecf1e22
access-control-allow-origin
*
date
Wed, 16 Nov 2022 15:55:53 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 9345
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4594210909283810098
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4594210909283810098
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:53 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4594210909283810098
date
Wed, 16 Nov 2022 15:55:52 GMT
content-length
0
sync
ads.servenobid.com/ Frame 9345 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_a636cbe7-8279-4958-b890-abe0dbbf1a49
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AD3E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.32.206 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-32-206.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36643
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 15:55:51 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 17 Nov 2022 02:06:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame BFA3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=11fe43f3-fdaf-4e93-a99a-20f132d88aae
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=11fe43f3-fdaf-4e93-a99a-20f132d88aae
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 16 Nov 2022 15:55:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Wed, 16 Nov 2022 15:55:51 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=11fe43f3-fdaf-4e93-a99a-20f132d88aae
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 477B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 16 Nov 2022 15:55:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 16 Nov 2022 15:55:51 GMT
Expires
Wed, 16 Nov 2022 15:55:50 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4629 97bee97 master hkg-pixel-x20 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 7ED4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y3UIBwAIIFR7WQAW
  • https://usersync.gumgum.com/usersync?b=atm&i=Y3UIBwAIIFR7WQAW&gdpr=0&gdpr_consent=&_test=Y3UIBwAIIFR7WQAW
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y3UIBwAIIFR7WQAW&gdpr=0&gdpr_consent=&_test=Y3UIBwAIIFR7WQAW
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 16 Nov 2022 15:55:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 16 Nov 2022 15:55:52 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y3UIBwAIIFR7WQAW&gdpr=0&gdpr_consent=&_test=Y3UIBwAIIFR7WQAW
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11266-MEL
x-timer
S1668614152.091001,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame EA03 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hNjM2Y2JlNy04Mjc5LTQ5NTgtYjg5MC1hYmUwZGJiZjFhNDk=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 97A2 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.33.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-33-18.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 16 Nov 2022 15:55:51 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 703B
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y3UIB8Co8YkAAFKwnfYAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y3UIB8Co8YkAAFKwnfYAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 16 Nov 2022 15:55:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 16 Nov 2022 15:55:51 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y3UIB8Co8YkAAFKwnfYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
8
X-SO-Cluster-ID
41
X-SO-HostName
m-ad120.dc4p.scaleout.jp
X-SO-IP
116.90.74.197
X-SO-Key
Y3UIB8Co8YkAAFKwnfYAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":41,"gdpr":false,"ipv4":"116.90.74.197","key":"Y3UIB8Co8YkAAFKwnfYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad120"}
X-SO-LB-Hostname
m-tgng37.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad120
gumgum
cs.admanmedia.com/sync/ Frame 75A0 		0
0
usersync
usersync.gumgum.com/ Frame A478
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y3UIBqQdqjPD9BouCJPzsQAA%265332
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y3UIBqQdqjPD9BouCJPzsQAA%265332
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 16 Nov 2022 15:55:52 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76b169ce3837aaed-SYD
content-length
0
date
Wed, 16 Nov 2022 15:55:51 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y3UIBqQdqjPD9BouCJPzsQAA%265332
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXsh0fx0YAj4AI%2B1T3x5QXPhP9ptGoS2DSy1CdcKpEAdGc9%2B%2FyN7OFaCGFvn2y7TxazQ%2F3kwdor9KhSSGZQY9UjhI5eZiPadtpxUOq2esp7FK45DvW7ZDXRAb1lXftn%2B7AB90vQe1MBc2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame F488
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=lUNiwk7HDFS1zHnbAq8u&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=lUNiwk7HDFS1zHnbAq8u&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 16 Nov 2022 15:55:53 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 16 Nov 2022 15:55:52 GMT Wed, 16 Nov 2022 15:55:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=lUNiwk7HDFS1zHnbAq8u&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 3946
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 15:55:51 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 16 Nov 2022 15:55:51 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E7EB 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.128.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-128-115.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame E7EB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2619822817631859109
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2619822817631859109
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
AN-X-Request-Uuid
a8e33023-f624-46eb-b3fc-ee4a88dad40f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2619822817631859109
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E7EB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3732945120016780590
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3732945120016780590
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3732945120016780590
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E7EB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=98466375-0806-4f00-8e5d-7a4fc39ae493
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=98466375-0806-4f00-8e5d-7a4fc39ae493
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 16 Nov 2022 15:55:51 GMT
Server
MT3 169 32252b7 master hkg-pixel-x1 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=98466375-0806-4f00-8e5d-7a4fc39ae493
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 15:55:50 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E7EB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBVb-kyyvWcaSJXcAmGSOhc&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBVb-kyyvWcaSJXcAmGSOhc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H3
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3atHM8Y6qUHLxfPjhd3crWcLShcUnC3DTe7fWlSMTdeEaaDyTuECrVPhawR4GkbBNPOfM8CIDwcx6gahbohxmlH4AF7fJnQYcACBnFKYSZOMXRszbtg6JCG1x1nzgkJ0uBQqxBB39C%2BPYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76b169d0597caaed-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBVb-kyyvWcaSJXcAmGSOhc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E7EB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ZcRZoWPPXqJ-lAv3a5RD8jKSWKR-z1agNpRyp3OI
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ZcRZoWPPXqJ-lAv3a5RD8jKSWKR-z1agNpRyp3OI
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=ZcRZoWPPXqJ-lAv3a5RD8jKSWKR-z1agNpRyp3OI
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame E7EB 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.242.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-242-203.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame E7EB
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_63750807f3fd6&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63750807f3fd6
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63750807f3fd6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Wed, 16 Nov 2022 15:55:52 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_63750807f3fd6
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E7EB 		43 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Y3UIBqQdqjPD9BouCJPzsQAA%265332
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
26
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
76b169cffcd91c60-AKL
content-length
43
expires
Wed, 16 Nov 2022 19:55:51 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 95CF 		210 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
8891087773f2889e09fade7d47139b145c017cf1b0292c2851a996f899c60a21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 95CF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 95CF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CB03 		33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
62480a29805346f20d8c43f7eeac1f0364f1071c706ca1a93ea4b5e12b91a308
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12730
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync
ads.servenobid.com/ Frame 8EAB
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LAJTS2X6-O-7T07
  • https://ads.servenobid.com/sync?pid=323&uid=LAJTS2X6-O-7T07
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LAJTS2X6-O-7T07
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LAJTS2X6-O-7T07
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
cksync.php
contextual.media.net/ Frame 8682
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LAJTS2X6-O-7T07
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAJTS2X6-O-7T07
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAJTS2X6-O-7T07
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 15:55:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 15:55:51 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAJTS2X6-O-7T07
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
css
fonts.googleapis.com/ Frame 36D5 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 15:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 15:53:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Nov 2022 15:55:52 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 36D5 		2 KB
771 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83984
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:36:07 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 36D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtydLBgh1Y7LJB5qd3LUP15CigArT6NuvbYyxz6vYDcCNtwEQASC6hMAzYKvssYXgGKABg6OmzQPIAQmpAsvUh66jvaQ-4AIAqAMByAPLBKoE3gJP0D7hsEbEFjb1W7KPRqs7TF2H9ukDkCH71CdJInL-eUs30mTpowKnG6TLH-f8l_-XBFIGw6Ms5wyXwWz2BoO4AkL1tdtNXmTN_wtE00qBXnd16c8GXDh4CKkbYcAVcD_Cgt3K-yDPDRJLEqz_PEj9VJ5csjCIA5EqAOMwIa6gVY2z19WUhRsVg5fWlDddv1PHR3b9usZ6EupM4z3X_eF-4-3c-TvTFP2IJlaXFmQOk0I3jQoUFo98GLSpMZOlaGWCLuLoO96kBH6ArsobH7QYFhpgHSrJRNdkUNjbBVq2cNhRMHgaXJVU7xnFJpBOHfnqDkUQSYNi-QoNwCGWOUcrtvIixyaOpVdv6sIqG3jeoirPSaya4u3jB5T6NzNEJd8dcfMaYJO7EbqL5j-nM1ceFxPfpQI8zVKar_Cda6HV1H6BWYK00hHpTPjgWFLYIGPAeDGqPkRQ_jfLDs8rw8AEhLv0jroD4AQBkgUECAQYAZIFBAgFGASgBi6AB-Xc2TKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQs-wB0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsB2BMKiBQD0BUBmBYBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=wt8_V8FL8PM&uach_m=[UACH]&cid=CAQSOwDq26N9XBkVlfkQHu-YsVJ7Jk6Hil5eppjiLs5DpQfvSrAxJLdgivZ51Lr_WtnskhiiKiGFyg9nQJZVGAEgEw&template_id=494
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 36D5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83984
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:36:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 36D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
84751
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 36D5 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
84750
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
l
www.google.com/ads/measurement/ Frame 36D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzezaCdFkPg_RoMliJ47UG-aCok2t3MoZzdafOBIYXqF58ZHXihY9P78_l3r8z7h1NcyT16fv--rAngXn44K7glIWuAg
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 36D5 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 15:55:51 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame 36D5 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 19:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Fri, 11 Nov 2022 21:18:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 13 Feb 2023 19:04:54 GMT
11126570955585836825
tpc.googlesyndication.com/gpa_images/simgad/ Frame 36D5 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/11126570955585836825
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
2026ef4257b0142c5eb892e5f548c6a7ada42f909d7fe27c9a8ae84dd9a5fb5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:39:37 GMT
x-content-type-options
nosniff
age
974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143639
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 15:39:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 Nov 2023 15:39:37 GMT
6439036728918433679
tpc.googlesyndication.com/gpa_images/simgad/ Frame 36D5 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/6439036728918433679
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
8b1fe3a55d0d5698f9573a1a0248177c9a899dcb14179cae60486deb0160abb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 11:34:11 GMT
x-content-type-options
nosniff
age
15700
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134339
x-xss-protection
0
last-modified
Fri, 11 Nov 2022 04:15:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 Nov 2023 11:34:11 GMT
14807583870035883141
tpc.googlesyndication.com/gpa_images/simgad/ Frame 36D5 		159 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/14807583870035883141
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
a694aa56811f0d9a09cf498af9bee57ff1d5912e00e52a70465913eaf9ba9ced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 09:05:27 GMT
x-content-type-options
nosniff
age
24624
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163237
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 15:42:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 Nov 2023 09:05:27 GMT
14331007951979631480
tpc.googlesyndication.com/gpa_images/simgad/ Frame 36D5 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/14331007951979631480
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
df8f82c5e57971760b55b9015c958bc497ba21e1a92aaf2a10519683f00f5ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:43:03 GMT
x-content-type-options
nosniff
age
29568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124790
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 15:40:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 Nov 2023 07:43:03 GMT
1547460252900865510
tpc.googlesyndication.com/gpa_images/simgad/ Frame 36D5 		165 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/1547460252900865510
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
fb8d595b88eed1edd2e7179c8e50be37945cf2d9895801317d22bbab738c869f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
169116
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 18:09:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 Nov 2023 15:55:51 GMT
6221982920796084867
tpc.googlesyndication.com/simgad/ Frame 36D5
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnhtPIdhDRBBiVATIIiDiTMPPfvFo
  • https://tpc.googlesyndication.com/simgad/6221982920796084867
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6221982920796084867
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
33bcaaa35a2ba107eeedb9d3bea5c83f42a44067e50c02a651f997efd000fa91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 04:11:21 GMT
x-content-type-options
nosniff
age
42271
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5841
x-xss-protection
0
last-modified
Tue, 31 Mar 2020 01:25:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 Nov 2023 04:11:21 GMT

Redirect headers

date
Tue, 15 Nov 2022 18:19:11 GMT
x-content-type-options
nosniff
server
cafe
age
77800
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/6221982920796084867
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 18:19:11 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 8F04 		210 B
266 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
cf97289315e560dda99c804304e1f360563e3661a6c8333f380599d3f5284aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 8F04 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8F04 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 265E 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
3cfafee28766282303cae247fe7b71bc3878724932d23059ce051476da7dd5e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
13070
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=f923dc9a-6567-4b89-a6ec-3fb9ed616181
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=f923dc9a-6567-4b89-a6ec-3fb9ed616181
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:53 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Location
//cs.minutemedia-prebid.com/cs?aid=21503&id=f923dc9a-6567-4b89-a6ec-3fb9ed616181
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212030491315847
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212030491315847
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212030491315847
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=deb4ef0b-d43b-5440-948c-f28df7f9fa85
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=deb4ef0b-d43b-5440-948c-f28df7f9fa85
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=deb4ef0b-d43b-5440-948c-f28df7f9fa85
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-d048e3e4-f726-324c-b4e7-cad8247aa29d
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-d048e3e4-f726-324c-b4e7-cad8247aa29d
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-d048e3e4-f726-324c-b4e7-cad8247aa29d
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
services
sync.technoratimedia.com/ Frame ADEC 		0
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21483%26id%3D%5BUSER_ID%5D
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.158.42.199 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
934276718
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID]
  • https://cs.minutemedia-prebid.com/cs?aid=21508&puid=854752fd-7b64-4b91-afd8-ee7fb5c719d7
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21508&puid=854752fd-7b64-4b91-afd8-ee7fb5c719d7
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:53 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Transfer-Encoding
chunked
Location
https://cs.minutemedia-prebid.com/cs?aid=21508&puid=854752fd-7b64-4b91-afd8-ee7fb5c719d7
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
minute_media
cs.admanmedia.com/sync/ Frame ADEC 		0
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y3UIBqQdqjPD9BouCJPzsQAA%265332
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y3UIBqQdqjPD9BouCJPzsQAA%265332
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fe2%2BGa7jSzvcS9%2B0M1krCnymsuxXtUlURLCCU4dP9szEDTsiM2TksZS6Aq3j8sANz%2FbkC%2Be%2FyYWXP%2BB23LkHRo3KXP0l51Q30iMmJjPb4%2FmJE86%2FWDfSv567ODnU3gnevYG%2FQTyDxUW7Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y3UIBqQdqjPD9BouCJPzsQAA%265332
cache-control
no-cache
cf-ray
76b169cfb909aaed-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=3824555865601848258201
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=3824555865601848258201
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:53 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=3824555865601848258201
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
19789
prebid.a-mo.net/cchain/7/ Frame ADEC
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934...
  • https://prebid.a-mo.net/cchain/0/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=pubmatic&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f...
  • https://prebid.a-mo.net/cchain/2/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=index_rtb&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aW...
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934%26bidder%3Dtriplelift%26...
  • https://prebid.a-mo.net/cchain/3/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=triplelift&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1a...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f7-fe76-4125-8caa-605e758cd934%26bidder%3Dappnexus%26cbx%3DaHR...
  • https://prebid.a-mo.net/cchain/5/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ...
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f7-...
  • https://prebid.a-mo.net/cchain/6/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=zeta&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&ui...
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F19789%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3Dcc4de2f7-fe76-4125-8caa-605e75...
  • https://prebid.a-mo.net/cchain/7/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=sovrn&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&u...
0
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=48edcf10-8fe5-48c3-a2b9-510773f5f16f
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=48edcf10-8fe5-48c3-a2b9-510773f5f16f
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:53 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

date
Wed, 16 Nov 2022 15:55:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=48edcf10-8fe5-48c3-a2b9-510773f5f16f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=0cd6dd90-289f-4e28-8225-ce4c1ecf1e22
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21489&id=0cd6dd90-289f-4e28-8225-ce4c1ecf1e22
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:54 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21489&id=0cd6dd90-289f-4e28-8225-ce4c1ecf1e22
access-control-allow-origin
*
date
Wed, 16 Nov 2022 15:55:53 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=1486928c-dd63-4acc-9bc7-833b807b2d20&gdpr=0
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=1486928c-dd63-4acc-9bc7-833b807b2d20&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:53 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21496&id=1486928c-dd63-4acc-9bc7-833b807b2d20&gdpr=0
date
Wed, 16 Nov 2022 15:55:53 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004&rndcb=1290774062
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=705b2411-319c-4b14-a843-22ef020a85ca&google_hm=NzA1YjI0MTEtMzE5Yy00YjE0LWE4NDMtMjJlZjAyMGE4...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENE0ZSlih2_0_Qtj-d71TSM&google_cver=1&ssp=adconductor&bsw_param=705b2411-319c-4b14-a843-22ef020a85ca
  • https://sync.1rx.io/usersync/bidswitch/705b2411-319c-4b14-a843-22ef020a85ca?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-2a46fe75-a550-453d-9059-3a5278f7f...
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
date
Wed, 16 Nov 2022 15:55:54 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2a46fe75a550453d90593a5278f7f8a6004
content-type
text/html
sync
sync.bfmio.com/ Frame ADEC
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=186
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
54.84.45.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-45-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 16 Nov 2022 15:55:54 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
183
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=HdfX6VhaSwVQ&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=HdfX6VhaSwVQ&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:53 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=HdfX6VhaSwVQ&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d97b86c77-8kxs7
expires
-1
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=4594210909283810098&gdpr=0&gdpr_consent=
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=4594210909283810098&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:54 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=4594210909283810098&gdpr=0&gdpr_consent=
date
Wed, 16 Nov 2022 15:55:53 GMT
content-length
0
us
sync.go.sonobi.com/ Frame ADEC 		0
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=B9DA278A-8A84-4BF3-988A-978B8497E325
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=B9DA278A-8A84-4BF3-988A-978B8497E325
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:54 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=B9DA278A-8A84-4BF3-988A-978B8497E325
date
Wed, 16 Nov 2022 15:55:54 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=b30aa90c280450af725a35668da26886
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=b30aa90c280450af725a35668da26886
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:54 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:54 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=b30aa90c280450af725a35668da26886
x-kong-upstream-latency
5
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A&gdpr=0&gdpr_consent=
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:54 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A&gdpr=0&gdpr_consent=
date
Wed, 16 Nov 2022 15:55:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=ge2fd786148b14393a1b&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=ge2fd786148b14393a1b&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:54 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=ge2fd786148b14393a1b&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=FqV7CLZHjqU-OgFCQc6Tkmfl
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=FqV7CLZHjqU-OgFCQc6Tkmfl
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Date
Wed, 16 Nov 2022 15:55:55 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=FqV7CLZHjqU-OgFCQc6Tkmfl
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21501&puid=61fe60c6-fc2a-4731-8fdd-4a5bd65a6cdb
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21501&puid=61fe60c6-fc2a-4731-8fdd-4a5bd65a6cdb
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:56 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:55 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.minutemedia-prebid.com/cs?aid=21501&puid=61fe60c6-fc2a-4731-8fdd-4a5bd65a6cdb
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame ADEC
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=2619822817631859109
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&id=2619822817631859109
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Wed, 16 Nov 2022 15:55:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:55 GMT
AN-X-Request-Uuid
941bd9f3-fd58-4377-92f2-e1513e9e676d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cs.minutemedia-prebid.com/cs?aid=21484&id=2619822817631859109
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame ADEC 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=F0BeZ0Zak_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
19fc6daa3a926256
ads.us.e-planning.net/uspd/1/ Frame 6542
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
872 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.136 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
08e134da8552a28d0118116ca5db7cb23b5a19960a989f864d15fd41aeafc99a

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-length
872
content-type
text/html
date
Wed, 16 Nov 2022 15:55:52 GMT
expires
Wed, 16 Nov 2022 15:55:52 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-726

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Wed, 16 Nov 2022 15:55:52 GMT
location
/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-726
/
onetag-sys.com/usync/ Frame 76CC 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
8b271e06b650cd8579cbb12aff74c3bd4a8d8829203badc08782ccdbe82df7e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1406
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame F96E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 15:55:51 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 16 Nov 2022 15:55:51 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
s
googleads.g.doubleclick.net/pagead/drt/ Frame 990A 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
1525
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:30:26 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
match
c1.adform.net/serving/cookie/ Frame A833
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 16 Nov 2022 15:55:52 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 16 Nov 2022 15:55:52 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C17A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
42 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 16 Nov 2022 15:55:51 GMT
Expires
Wed, 16 Nov 2022 15:55:50 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4629 97bee97 master hkg-pixel-x27 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=0&gdpr_consent=
/
onetag-sys.com/match/ Frame F9D9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3UIBwAIIE57jAAW&gdpr=0&gdpr_consent=&_test=Y3UIBwAIIE57jAAW
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 078A
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xu7mybg2wp1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 4EDD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8kcuDvRMKQ3pF3xY_Bc0XaURLwvpTCEPoRepltCf
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8kcuDvRMKQ3pF3xY_Bc0XaURLwvpTCEPoRepltCf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 16 Nov 2022 15:55:51 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8kcuDvRMKQ3pF3xY_Bc0XaURLwvpTCEPoRepltCf
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
/
onetag-sys.com/match/ Frame C4E4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2619822817631859109&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
108
content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
location
https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.aspx
dis.criteo.com/dis/ Frame 3526 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:51 GMT
expires
Wed, 16 Nov 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
607966
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 2007
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eOQJjkANSEtOqZH-bP8om3RaSsU
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Wed, 16 Nov 2022 15:55:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 16 Nov 2022 15:55:52 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 0A4B
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qgkN3Z13Cr2A-srsBAh1Yw
42 B
455 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qgkN3Z13Cr2A-srsBAh1Yw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 15:55:51 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qgkN3Z13Cr2A-srsBAh1Yw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 7339 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 16 Nov 2022 15:55:52 GMT
Pragma
no-cache
Server
nginx
expires
-1
cm
ipac.ctnsnet.com/int/ Frame 0B21 		43 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 16 Nov 2022 15:55:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 83ED
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2efa6d9d710d4719bfbe9d1fb3130b25
42 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2efa6d9d710d4719bfbe9d1fb3130b25
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Wed, 16 Nov 2022 15:55:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=2efa6d9d710d4719bfbe9d1fb3130b25
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
pxd
dps.jp.cinarra.com/ Frame 74FD 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=B9DA278A-8A84-4BF3-988A-978B8497E325
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.132.235 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-132-235.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Wed, 16 Nov 2022 15:55:52 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1AF7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HCIqNVSG1OVkLt5&gdpr=0&gdpr_consent=
42 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HCIqNVSG1OVkLt5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 16 Nov 2022 15:55:51 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HCIqNVSG1OVkLt5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0f480a28e4fc74ebe@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
sync.targeting.unrulymedia.com/csync/ Frame 24EB
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6324319043
  • https://sync.1rx.io/usersync/tradedesk/11fe43f3-fdaf-4e93-a99a-20f132d88aae
  • https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
43 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
43
date
Wed, 16 Nov 2022 15:55:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 16 Nov 2022 15:55:52 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004
pragma
no-cache
bridge
cm.adgrx.com/ Frame 3A91 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.118.249 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Wed, 16 Nov 2022 15:55:53 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1b-delivery-2
i.match
s.tribalfusion.com/z/ Frame 7486
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76b169d3cf791c57-AKL
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76b169d17ecd1c57-AKL
content-type
text/html
date
Wed, 16 Nov 2022 15:55:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
15
cookiesync
core.iprom.net/ Frame 0CBF 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 16 Nov 2022 15:55:53 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-06a03b7ef3dd@version_1.530v3
X-core-time
0ms
X-server-arch
v2
/
csync.loopme.me/ Frame F675 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
server
_
141
match.deepintent.com/usersync/ Frame BDBB 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Wed, 16 Nov 2022 15:55:51 GMT
server
c
cksync.php
contextual.media.net/ Frame 4BEA 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3116157497443797000V10&type=pba&refUrl=&vid=86141500903116157497443797000V10&ovsid=B9DA278A-8A84-4BF3-988A-978B8497E325
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Wed, 16 Nov 2022 15:55:51 GMT
expires
Wed, 16 Nov 2022 15:55:51 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D9BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=udonioqES_OYipeLhJfjJQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.40.32.206 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-32-206.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=36642
accept-ranges
bytes
content-length
5549
expires
Thu, 17 Nov 2022 02:06:34 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px
p.adsymptotic.com/d/ Frame D9BA
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B9DA278A-8A84-4BF3-988A-978B8497E325
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8a192713d59282b76d7a0cb4ad339a5686352375c8caff40aebe1af83f26c670791426b5417dce21&_=2
  • https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
104.18.102.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Wed, 16 Nov 2022 15:55:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76b169d5fc9aa941-SYD
content-length
43
content-type
image/gif

Redirect headers

date
Wed, 16 Nov 2022 15:55:52 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame D9BA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=98466375-0806-4f00-8e5d-7a4fc39ae493
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=98466375-0806-4f00-8e5d-7a4fc39ae493
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 16 Nov 2022 15:55:51 GMT
Server
MT3 169 32252b7 master hkg-pixel-x1 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=98466375-0806-4f00-8e5d-7a4fc39ae493
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 15:55:50 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D9BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjlEQTI3OEEtOEE4NC00QkYzLTk4OEEtOTc4Qjg0OTdFMzI1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D9BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHm-udfz-8Bx-wXuBrZQYEo&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHm-udfz-8Bx-wXuBrZQYEo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHm-udfz-8Bx-wXuBrZQYEo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame D9BA
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E547AB7B174C4CEEB075D3465A32E5D7
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
date
Wed, 16 Nov 2022 15:55:15 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
B9DA278A-8A84-4BF3-988A-978B8497E325
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D9BA 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B9DA278A-8A84-4BF3-988A-978B8497E325?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.128.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-128-115.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame D9BA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
42 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame D9BA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B9DA278A-8A84-4BF3-988A-978B8497E325&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7h8CPYhE2uXn32hd6D0XQXyPIKVmeBM-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7h8CPYhE2uXn32hd6D0XQXyPIKVmeBM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7h8CPYhE2uXn32hd6D0XQXyPIKVmeBM-~A&gdpr=0&gdpr_consent=
date
Wed, 16 Nov 2022 15:55:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame D9BA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=705b2411-319c-4b14-a843-22ef020a85ca&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525334544038896284&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525334544038896284&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=672e7c2f-6f33-41e2-a9f7-921b60972fc6&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525334544038896284&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209510804337004603120&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525334544038896284&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 15:55:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Wed, 16 Nov 2022 15:55:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D9BA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8442255637575501824
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8442255637575501824
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8442255637575501824
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ImgSync
image8.pubmatic.com/AdServer/ Frame D9BA
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2619822817631859109
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:53 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 16 Nov 2022 15:55:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame D9BA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3732945120016780590&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3732945120016780590&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3732945120016780590&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D9BA
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=59e9d1c63e842266&is_secure=true&networkId=17100&version=1&nuid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQiLXkAWVogM8IfPvAAAAAAA&expiration=1668700553&nuid=B9DA278A-8A84-4BF3-988A-978B8497E325&...
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQiLXkAWVogM8IfPvAAAAAAA&expiration=1668700553&nuid=B9DA278A-8A84-4BF3-988A-978B8497E325&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 15:55:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:53 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQiLXkAWVogM8IfPvAAAAAAA&expiration=1668700553&nuid=B9DA278A-8A84-4BF3-988A-978B8497E325&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 9331 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4594210909283810098&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 9331
Redirect Chain
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=ce90507737&gdpr=0&gdpr_consent=
43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=ce90507737&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Wed, 16 Nov 2022 15:55:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=ce90507737&gdpr=0&gdpr_consent=
Connection
keep-alive
X-XSS-Protection
1; mode=block
/
rtb-csync.smartadserver.com/redir/ Frame 9331
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d76406e9-6013-4519-9243-ffa17fb64165&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d76406e9-6013-4519-9243-ffa17fb64165&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=d76406e9-6013-4519-9243-ffa17fb64165&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
867415
content-length
0
expires
Wed, 16 Nov 2022 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 9331
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dsmar...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=615cda2e756a42b0a3a43ad001103551&ssp=smartadserver&bsw_param=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=705b2411-319c-4b14-a843-22ef020a85ca&gdpr=0&gdpr_consent=
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
redir
rtb-csync.smartadserver.com/ Frame 9331
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEhN07G6hAAAB9n8RVSnQ&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEhN07G6hAAAB9n8RVSnQ&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEhN07G6hAAAB9n8RVSnQ&gdpr=0
Date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8647 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
4945
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 14:33:26 GMT
etag
48472445140208031
expires
Thu, 17 Nov 2022 14:33:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 36D5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
173fb93323bf2f9333e071b24ea18121e5d402f0addc06cb4885c679943c2f7f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 3946 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29d366523891287dbebb8df15b3603b9472e47000ae63ad749508a16b060b5d4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 12:43:24 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=74878
content-length
10066
expires
Thu, 17 Nov 2022 12:43:49 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2347 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEcfHBwh1Y8D_HoHovgTR5pjABP--iZltnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBK4CT9Duy86SXnfGfmyBxh3T6bwbmL3_uPw3MHcKr0V8fuWYOwPOd32Sz0SJupghUxPZLOsMG8ShGOzQ5IgJdfOLEVaB78bKsW8gKLCyxn3wBUAaPfSF-JA2WHwI_ymjqlD_-1Fa2Zy9kMdeCLgjtAxVWb6g3VGWTp_lQjgmHvEz0VtNjbCCEUASzDCilmEWR8imB9-LEhAxU3n3t5L6D3GhSYxOR3lK6PMH2pSrmSMH1eEEyOxipQ1HpPtQYrpbwSB8ko5H4QPzaSfuHu_f7VfvbP5sKcFiOTNky5Yts8FsYm7ZNirVLGoxhzUnsteujkuhXhMnV_eSZiJeNO0xREsKOmqzWFemAt4abJy4heoQLvi1kEOoWkJwbubt08sZCEEu9QS-jKkkGfPObfQ6JdyABszoi6enmM30KKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=XILPsdhFPcc&uach_m=[UACH]&cid=CAQSOwDq26N9AmrM0d_otEJ_jio4_u_thRhDEr_vcea2UWtuaQflsYqgqBgDyM6yw62q16IGMs-jZBaNueuGGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Nov 2022 15:55:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
b1-sindc1.zemanta.com/bidder/win/googleadx_display/2536ebac-65c7-11ed-86a5-c1cc541d072d/Y3UIBwAHv8AKj7QBAAYzUbCniZ70mNRULUQgAw/QGV7HF6L2DKFCSEWSVUY4ZSXJY3GLPHAUNMQABU6NKE4N3Z5V4EOOPV6UODVMIBWZQ2MXS... Frame 2347 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/2536ebac-65c7-11ed-86a5-c1cc541d072d/Y3UIBwAHv8AKj7QBAAYzUbCniZ70mNRULUQgAw/QGV7HF6L2DKFCSEWSVUY4ZSXJY3GLPHAUNMQABU6NKE4N3Z5V4EOOPV6UODVMIBWZQ2MXSU737SI25JQIQHBZWSO7LYYU5ROG4HHOER63VF6PSIMVQ4JL6F6ID7SWYMHOZ5SOXJAFH3MLV2H4TPQPLAIFKYNJ7FHWDVOBWNCN3F36QLYVVY457GRUGE4RLGMCBUHJ5XY3UJ3YIT5NXF227Q2K572FJUSA5Q7KFKKOOI7JBCS4JH6BP6HOMJNXHYH4AQWBSMLCYPHYUVT3UXBKZADG6W6W7MCVQRVDGZZ7KBGB365TBMBTP5CHGI4KRURVMMQFNHGAP2XYKU424TWT7SWANYBTGWNQRTFC2SLLYO2U5SZCPEBVGSPJWED326D4PYIIP46K2TBB6P7MIRKFI2QYUMVRP2B23SXVLDXDKQC3B5IXO4QT2EB5UBSFADV36PINPP3GQJMVYFPLCAL2YL7OIKIZR64KUPM3OPFRUK4YGBWOZVQ/?
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 16 Nov 2022 15:55:52 GMT
Content-Length
0
/
asia.adform.net/adfscript/ Frame 2347 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/adfscript/?bn=56367626;click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKdOWBwh1Y8D_HoHovgTR5pjABP--iZltnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBLECT9Duy86SXnfGfmyBxh3T6bwbmL3_uPw3MHcKr0V8fuWYOwPOd32Sz0SJupghUxPZLOsMG8ShGOzQ5IgJdfOLEVaB78bKsW8gKLCyxn3wBUAaPfSF-JA2WHwI_ymjqlD_-1Fa2Zy9kMdeCLgjtAxVWb6g3VGWTp_lQjgmHvEz0VtNjbCCEUASzDCilmEWR8imB9-LEhAxU3n3t5L6D3GhSYxOR3lK6PMH2pSrmSMH1eEEyOxipQ1HpPtQYrpbwSB8ko5H4QPzaSfuHu_f7VfvbP5sKcFiOTNky5Yts8FsYm7ZNirVLGoxhzUnsteujkuhXhMnV_eSZiJeNO0xREsKOmqzWFemAt4aLp6ZF1fe9Z5KS3QHj1Ltk5zM2U8QJlnATMmuEV7aMd_W0h_5QyPaLiCABszoi6enmM30KKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0vHXBrxssnPtBEOlTX3YtwDNKNsA%26client%3Dca-pub-4485239425924787%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F27660748%252F92404976%252FAGKG7OXTSH5KTK63ZZYKHD4KJKEB5BAJXESCUJ5ER23NP5DE77ATKDBZXBGGSXW2XJBJBOVECXVVQCFWRCBWLTOFTMJXJ6VUB4TMEA4EKMQX2ZR5R7VBVA5736E7Y43TUPWSACGS6CGDMQRGR3EXFAOYVXYSICVJBS6LQ53AO6GB34MEUQALZ47WET6WVIKHU7GNPAZNG2XT2H3PPLPUA62O3UZPB4BIKER3EUP36FJI26LQXARPLDHCLHOCLSM4A75GFQMZNAZDZEEMCVLBR7A3TAO2J4K4AGVIQIRHGJS5DUEQAFKKXMIWGDYOPYFFXLSFFYMSZHBJ4N2NEHJESLCGI4AHXJ2EHUKFTIPMWZ27HMU3X6SZLBUCRQKS3WQ2DULRVTOEWJPIOSBSAGU7IKHMX5FMQLARBDNRBZBF7VT6K6Z37NFZUYZTEIANMMOTN5QRQAPYNC26JCVBMFENBK2NBE2F52U3HXWQLRDUOHQNWMFOK2DIHQMROGVOBI3WCORPFVYKDCGQAIU2IAW7WA3JMP4IK4C6PQSJAY4CEW7XNIL6LZK2KKD6N7GLIB7G%252F%253Frurl%253D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f1f3e60a70188f05c0c3f4ef5b2e445f6531c71e627c28b8671b3e4e1878b96a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2081
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2347 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
84751
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2347 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
84750
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
l
www.google.com/ads/measurement/ Frame 2347 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTB8tDa389TeK-xQYgJRDlUBvFRBjC1el_e3PlVvfPQZUELPudxeHOGwmqjaGRPSI2LH2isOW4d59g6EfjNYUDHU6zfaQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2347 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 15:55:52 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 990A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:52 GMT
expires
Wed, 16 Nov 2022 15:55:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:52 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 76CC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnX_ENGRaDJHkjd4O50XRejhQYSrlQ5g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnX_ENGRaDJHkjd4O50XRejhQYSrlQ5g
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhIEnX_ENGRaDJHkjd4O50XRejhQYSrlQ5g
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 76CC 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
ecm3
s.amazon-adsystem.com/ Frame 76CC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=46qQidORhfV6JbEkUQHEa_Zu23vExwvrtyHoIJYO6wE
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=46qQidORhfV6JbEkUQHEa_Zu23vExwvrtyHoIJYO6wE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K936TPZKHABCZ8ZDZVBM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=46qQidORhfV6JbEkUQHEa_Zu23vExwvrtyHoIJYO6wE
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
x.bidswitch.net/ Frame 76CC 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 76CC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 16 Nov 2022 15:55:52 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=98466375-0806-4f00-8e5d-7a4fc39ae493&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 15:55:51 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 76CC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 76CC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2619822817631859109
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2619822817631859109
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
AN-X-Request-Uuid
672b7945-c54b-4f62-a495-ab82adced130
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2619822817631859109
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 76CC 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=dVSKn1ZeobcaNRi32RqjqNk0ScQ1hCtdv27hb86fgCQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 76CC 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:51 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 76CC 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
content-length
0
/
onetag-sys.com/match/ Frame 76CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJiiV_xra4XZZ2pe0JTGUGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 76CC 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 76CC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=11fe43f3-fdaf-4e93-a99a-20f132d88aae&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
cs
cs.minutemedia-prebid.com/ Frame 76CC 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21493&id=dVSKn1ZeobcaNRi32RqjqNk0ScQ1hCtdv27hb86fgCQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://onetag-sys.com/
date
Wed, 16 Nov 2022 15:55:52 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 6363 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssp94dRW_8MmNNFYNJSuNfLadX4nr2YgGqx-vfiPeyKC8ncb58pkUDfqI3nXnIUjmRq5LN2Q6_SRJdO1Ox10wlQxUTgKAzQlMH73MU6C9x3dBN8aZ0QiQBmsMhRdI-HP001mnGBioY0sicFloSfq8mjhD4mKHSO9Rz9hyD8TBbYORLoj5ufCCt-gUcATvtmwZcaet-B8i3qe7CDn1hAHEYe6cacV5gR8wuhoOrwolKXvenCchRzmy-NYmik9dvcEaz95v_cc-pnuKOmdBz3B44r7KL4qcxVLJCEen4AzRLE9zFNG9s49jFI3BG92_M&sai=AMfl-YS3VBk44eyomfg_99W6TZv57mjtoGm1VX7ctAycitP-pM3_AyNo-n2qxtH0s3sI6FbvHFmHfDJWpo9efi0zmC3qXcQkVrmgTJjm2KSPP0QIHoIsONdQYXZVDXCiSsRM&sig=Cg0ArKJSzAkVlJthbgPTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 16 Nov 2022 15:55:52 GMT
truncated
/ Frame 6363 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9d1eae3f5ee9cac0cc63ba3e1ea00c13fde67a9af803414f78e2253e3076670

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 77BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C42GGBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtAJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxw_0EEzl-0olIqIpQBScZYt8qZ8lmJcSNhPoS-2eSoiHNjpeZqYo4AG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=_mZNSARIWa0&uach_m=[UACH]&cid=CAQSOwDq26N97bIndMp5PXJBSdK5IS1ISUx0vzEr7-HHVnqKrp8XrTUd4kChIbOLAXwfRfaU7b6tShcNVfPzGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Nov 2022 15:55:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 77BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k8z_FPz1BqwC-gFi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQBwh1Ywnch6oGEOvxaXCsABIAAA&wp=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
176202
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 1E91 		48 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ&u=%7CT%2FaWT8rIpropSBH7062x2SgL1kVyo6Z%2FPVuPyjBqaP0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq9RW7f92aDsJAFO9dBzkeQNFN5BR1Vgob7TsNRk99YtT4vYtJqcLC1QOOC9LkMQtrjhZ5xxHggLOd3rCbHb_9BE87YmyL31r5U2YElwczLOxNVMmHIe0AXLXhzjX-51B-tU7oPRlMTmWqkE0qM97wnuKRy7tFOvxDEm8zxqRLyUvb2iI7iFBqvhIJdKRZFd0vLVGVAm4PcSdQ8I_YDHtuYRudTWmft6FPyroWx2kp8vjutolsg0GAVwtMiEXspNDgGIPQNqu2NmvxDITWGjJBQ_JDzLG5HoCkSdyb0Garp6R2nWK0-Yn7iJgdi_ssos8CDc-Fs1FNBrQslTVfVJCCTNveGZT3zmundlf0QNI0-OYXe7JlzqNmG0CDWd8MMtdd2M_8yXi1g037UzjlgsyiZP_VW8e7iVGyWe5C2lINATACTsbARTP0kQK-QY33dmWADqLcXaCFpQXxLZggqFZJQjnJLu-q7pBrBHcCAIopGe7H7uAXGhOA1cQ_xY45F_8uypByhPznq4BDgCDoks3_hxUXCdr_HrfB9wY_0Yc3nq4SCxHL8MV1eE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHFXEBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtwJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxx90mChciOh6nUB1J65Jwzu27J2AWhyUDDHUnkssJQ8MMAOkgvmXEPkGoAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2M-nfxe0udhxLEpg65e5sgBKftFQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
1188f1fdb99a80cb9fb8a4117abb79ea301cadbdb0e00f2a14b94972f8507502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=XwlEdWfk0DUvWuc2sygjvUkD-CQpBY7vrXO8MQ3VAnO3XNo4JdE226ziLVnKcYRSrdCsYSa1ucpg5yWBfS_iGd9tgsXM5Rcgu9-F0QeH6JQmEQHX1hQckUgyy1n_p4b5KaE7I0ga0Opk6YtriIlek7SC1HyNab-Dh9rLbOHQjFaHKgvMehB3-vtsL7lh6Lodv57SNepcunNZvCIzVyrgdYkzByq5C_8cCNLCwyLPBmGyGtdsxVHpPUg4PNvPPH7a95-e9WTcB_ypxY-C"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
9919957
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 77BF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
84751
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 595C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
4946
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 14:33:26 GMT
etag
48472445140208031
expires
Thu, 17 Nov 2022 14:33:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 77BF 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
84751
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
l
www.google.com/ads/measurement/ Frame 77BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLlDfDdQSvVxf72RlBJTSYLVTDz47VvFInKt8ojQ6wfTwkL483-VOstZhymWJgtMU9IoiqU0PuqcGmcIYzuymh9OSOTw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 77BF 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 15:55:52 GMT
usync.js
eus.rubiconproject.com/ Frame F96E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29d366523891287dbebb8df15b3603b9472e47000ae63ad749508a16b060b5d4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 12:43:24 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=74877
content-length
10066
expires
Thu, 17 Nov 2022 12:43:49 GMT
dpixel
cms.quantserve.com/ Frame 8647 		35 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOYTXF36AJv_pvMOu2fmdOM&google_cver=1&google_push=ASkJ3FYW14ETHn35lUfMpIjvuwj1GdLzj7AldNPIFRgz7YUIfVQV1SoGzEPjkwYAEMMGeI09Ld56JpF43oCu0x4oePy09-Txtni0sI5rPAnR1kyonzh76R0_FFi9uIE-R69ZkR5JPH3UGxkdwnsHZiDYbkA
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8647
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=ASkJ3Fa-LYthhlzqMAD-fIj_N7v6u0peyvtGmjZUwqHiB2LN5aoTC0NH77-LTRO7Ubev7dKXuOdZgEjoYP3YSTbph4pEcxILe57nhN4bpzwAPR5AvAUHKk6DStTy-gbNsSnJTwTtKeShaXEeYB...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3Fa-LYthhlzqMAD-fIj_N7v6u0peyvtGmjZUwqHiB2LN5aoTC0NH77-LTRO7Ubev7dKXuOdZgEjoYP3YSTbph4pEcxILe57nhN4bpzwAPR5AvAUHKk6DStTy-gbNsSnJT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3Fa-LYthhlzqMAD-fIj_N7v6u0peyvtGmjZUwqHiB2LN5aoTC0NH77-LTRO7Ubev7dKXuOdZgEjoYP3YSTbph4pEcxILe57nhN4bpzwAPR5AvAUHKk6DStTy-gbNsSnJTwTtKeShaXEeYBweJzrmCSQ&google_hm=AZ9yX7jNRq94ks8ADv76RGwpcMA
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
via
1.1 3c5649f7d49e8f5b916e18a72b919074.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3Fa-LYthhlzqMAD-fIj_N7v6u0peyvtGmjZUwqHiB2LN5aoTC0NH77-LTRO7Ubev7dKXuOdZgEjoYP3YSTbph4pEcxILe57nhN4bpzwAPR5AvAUHKk6DStTy-gbNsSnJTwTtKeShaXEeYBweJzrmCSQ&google_hm=AZ9yX7jNRq94ks8ADv76RGwpcMA
cache-control
no-cache
content-length
0
x-amz-cf-id
rrACDlPkIhZ-l_7bcIsO8CU9MS3mOaL7J241GtFGU-_niHAeJ2silg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8647
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELgUJBQADQVj0iqjBPDCcyQ&google_cver=1&google_push=ASkJ3FaRJ-1iXqc9zCPar6eRScUaKvMGIcEtpq1jKA5J6CrTkLqbylM_hQhBLcJDJFnxqUIGvMN30UK49IXFQRd1CeQ0...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaRJ-1iXqc9zCPar6eRScUaKvMGIcEtpq1jKA5J6CrTkLqbylM_hQhBLcJDJFnxqUIGvMN30UK49IXFQRd1CeQ0nx3UmmYuuCOk8jT4h2OKWRoexhHmUuKkw5bDQWtaYC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaRJ-1iXqc9zCPar6eRScUaKvMGIcEtpq1jKA5J6CrTkLqbylM_hQhBLcJDJFnxqUIGvMN30UK49IXFQRd1CeQ0nx3UmmYuuCOk8jT4h2OKWRoexhHmUuKkw5bDQWtaYCdJSqkH1Lx8KQ6wYGk15j0&google_hm=cFskETGcSxSoQyLvAgqFyg==
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaRJ-1iXqc9zCPar6eRScUaKvMGIcEtpq1jKA5J6CrTkLqbylM_hQhBLcJDJFnxqUIGvMN30UK49IXFQRd1CeQ0nx3UmmYuuCOk8jT4h2OKWRoexhHmUuKkw5bDQWtaYCdJSqkH1Lx8KQ6wYGk15j0&google_hm=cFskETGcSxSoQyLvAgqFyg==
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8647
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELdrmG_SXp58ngf-9QbNnYM&google_cver=1&google_push=ASkJ3FbJJib4X6NWz5PWNOD26oq8WVy0Gfl98wSxtrM_HaG_Y-me9g7jZhn2cR0kqsva9QbiJhAkJ7Dc...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELdrmG_SXp58ngf-9QbNnYM&google_cver=1&google_push=ASkJ3FbJJib4X6NWz5PWNOD26oq8WVy0Gfl98wSxtrM_HaG_Y-me9g7jZhn2cR0kqsva9QbiJhA...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA5OTk0MjU2MTc3NDI0MDIxOQ&google_push=ASkJ3FbJJib4X6NWz5PWNOD26oq8WVy0Gfl98wSxtrM_HaG_Y-me9g7jZhn2cR0kqsva9QbiJhAkJ7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA5OTk0MjU2MTc3NDI0MDIxOQ&google_push=ASkJ3FbJJib4X6NWz5PWNOD26oq8WVy0Gfl98wSxtrM_HaG_Y-me9g7jZhn2cR0kqsva9QbiJhAkJ7DcwvpUUfjXcgcKa5XZHGFCgnRI_fQckGhuGjP5RLZH7l9RT29Cyg4aavr_57_vEIscJ9rb8dpgu98
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA5OTk0MjU2MTc3NDI0MDIxOQ&google_push=ASkJ3FbJJib4X6NWz5PWNOD26oq8WVy0Gfl98wSxtrM_HaG_Y-me9g7jZhn2cR0kqsva9QbiJhAkJ7DcwvpUUfjXcgcKa5XZHGFCgnRI_fQckGhuGjP5RLZH7l9RT29Cyg4aavr_57_vEIscJ9rb8dpgu98
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8647
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOrLVcGCGrXsXFDd_g7_GV4&google_cver=1&google_push=ASkJ3FZWfscVvWrnxRids5cg0vLaQmD5p1hjFYf98ePzAQl7TWz-B5CEPsJi4yprYIVa--Y1YKi...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKVFMyWDYtTy03VDA3&google_push=ASkJ3FZWfscVvWrnxRids5cg0vLaQmD5p1hjFYf98ePzAQl7TWz-B5CEPsJi4yprYIVa--Y1YKiQNFGBhjEDTuSCZ5QAbM_EHDxerTiaW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKVFMyWDYtTy03VDA3&google_push=ASkJ3FZWfscVvWrnxRids5cg0vLaQmD5p1hjFYf98ePzAQl7TWz-B5CEPsJi4yprYIVa--Y1YKiQNFGBhjEDTuSCZ5QAbM_EHDxerTiaWe-2MPa_lKEUGkE4Ja0b8_ILmzJP9hTkLsgz4vY3Mvyk188y3AE
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKVFMyWDYtTy03VDA3&google_push=ASkJ3FZWfscVvWrnxRids5cg0vLaQmD5p1hjFYf98ePzAQl7TWz-B5CEPsJi4yprYIVa--Y1YKiQNFGBhjEDTuSCZ5QAbM_EHDxerTiaWe-2MPa_lKEUGkE4Ja0b8_ILmzJP9hTkLsgz4vY3Mvyk188y3AE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
spacer.gif
an.yandex.ru/resource/ Frame 8647
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEK4T3fPaQ309T5f9XBrtg3o?ext-param=ASkJ3FbN6UVynKUY1wu-ViPTZVGKsBrRpHn9pF0jK5dhXcZvJEN2oVA4Jtulh-iXIm_ZUprEe3VMwa5kTmodrhHWhut-AARHAEpkm7IfVWjHZBb3iqogbrv-6iIE...
  • https://an.yandex.ru/mapuid/google/CAESEK4T3fPaQ309T5f9XBrtg3o?redir-setuniq=1&ext-param=ASkJ3FbN6UVynKUY1wu-ViPTZVGKsBrRpHn9pF0jK5dhXcZvJEN2oVA4Jtulh-iXIm_ZUprEe3VMwa5kTmodrhHWhut-AARHAEpkm7IfVWjH...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEK4T3fPaQ309T5f9XBrtg3o&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 01 Nov 2023 15:55:54 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8647
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJiW2SeJuNExUOFyeekRd64&google_cver=1&google_push=ASkJ3Fbio9je5Fbzg...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjYxOTgyMjgxNzYzMTg1OTEwOQ%3D%3D&google_gid=CAESEJiW2SeJuNExUOFyeekRd64&google_cver=1&google_push=ASkJ3Fbio9je5FbzgB5gHACB7rduhHaF4D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjYxOTgyMjgxNzYzMTg1OTEwOQ%3D%3D&google_gid=CAESEJiW2SeJuNExUOFyeekRd64&google_cver=1&google_push=ASkJ3Fbio9je5FbzgB5gHACB7rduhHaF4Dv0TLr1WH8i6OcZB_wbXA7dhVSNV8xkTrAi4kHDF4ylR-8izOTjyZqIZiUnTxhnii1NF4_Td9pxyurXjlFBDYA_JZIdJpCiQxe8FMW0HVT70g9NDgF36icLNiU
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
AN-X-Request-Uuid
f1375cac-960e-462d-a5f7-028ddfedd05f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjYxOTgyMjgxNzYzMTg1OTEwOQ%3D%3D&google_gid=CAESEJiW2SeJuNExUOFyeekRd64&google_cver=1&google_push=ASkJ3Fbio9je5FbzgB5gHACB7rduhHaF4Dv0TLr1WH8i6OcZB_wbXA7dhVSNV8xkTrAi4kHDF4ylR-8izOTjyZqIZiUnTxhnii1NF4_Td9pxyurXjlFBDYA_JZIdJpCiQxe8FMW0HVT70g9NDgF36icLNiU
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8647 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgY-K6D8EksxX9UbX5WOSzTMAhGLuVSy6wNvrP5v7gG4j9kVclkfrPG4Zzwd48TyamYESA3Vk
Requested by
Host: a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
URL: https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
usersync
usersync.gumgum.com/ Frame 3946
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LAJTS2X6-O-7T07
  • https://usersync.gumgum.com/usersync?b=mag&i=LAJTS2X6-O-7T07
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LAJTS2X6-O-7T07
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LAJTS2X6-O-7T07
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
pixel
cm.g.doubleclick.net/ Frame 595C
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOYTXF36AJv_pvMOu2fmdOM&google_cver=1&google_push=ASkJ3FYbt1S8sfcyD6YNkUsCpcUDBHauGVebaHMwG7rj3prYi-EXwLwU16...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYbt1S8sfcyD6YNkUsCpcUDBHauGVebaHMwG7rj3prYi-EXwLwU16YqKisiP_u6M0TeOgRjybW1YusdkubqvbpG-XMFzOmkzCP1sF3uSyi62NMBt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYbt1S8sfcyD6YNkUsCpcUDBHauGVebaHMwG7rj3prYi-EXwLwU16YqKisiP_u6M0TeOgRjybW1YusdkubqvbpG-XMFzOmkzCP1sF3uSyi62NMBtOjt_1LH90aNs1piUuf4ZP0-vT7Etp_h7RvVqNw&google_hm=5GJ6CM65pnJEXa5kiw5qQA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FYbt1S8sfcyD6YNkUsCpcUDBHauGVebaHMwG7rj3prYi-EXwLwU16YqKisiP_u6M0TeOgRjybW1YusdkubqvbpG-XMFzOmkzCP1sF3uSyi62NMBtOjt_1LH90aNs1piUuf4ZP0-vT7Etp_h7RvVqNw&google_hm=5GJ6CM65pnJEXa5kiw5qQA
pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 595C
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEEQyoKeKr5ldmDCznCiOXBg&google_cver=1&google_push=ASkJ3FYECpq3f2i4daxAXXfoMs0eDF-k1t5XlLWf1N1ccYoeeHe2rM62Dyk2l6bScWpAyy0MN8AwAPl...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FYECpq3f2i4daxAXXfoMs0eDF-k1t5XlLWf1N1ccYoeeHe2rM62Dyk2l6bScWpAyy0MN8AwAPldMj0WLXie4k-aBsnGVOqk437WZzh1XwIVEP7waEkSu2g2y7wF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FYECpq3f2i4daxAXXfoMs0eDF-k1t5XlLWf1N1ccYoeeHe2rM62Dyk2l6bScWpAyy0MN8AwAPldMj0WLXie4k-aBsnGVOqk437WZzh1XwIVEP7waEkSu2g2y7wFybHRqtHWvUPjoLs4UR3QeMQGvA&google_hm=LvptnXENRxm_vp0fsxMLJcU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FYECpq3f2i4daxAXXfoMs0eDF-k1t5XlLWf1N1ccYoeeHe2rM62Dyk2l6bScWpAyy0MN8AwAPldMj0WLXie4k-aBsnGVOqk437WZzh1XwIVEP7waEkSu2g2y7wFybHRqtHWvUPjoLs4UR3QeMQGvA&google_hm=LvptnXENRxm_vp0fsxMLJcU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 595C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOOYIX5mdZNZPMSbONiLpTs&google_cver=1&google_push=ASkJ3FYQcOsGkE5CNN4-bA2DjNve4tG8Q8XGM7DiKoGzWjDCwlBvgKQrbc0VKJqtPhRIPSiQg5t1DHa50N8DcFKfora7bLJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYQcOsGkE5CNN4-bA2DjNve4tG8Q8XGM7DiKoGzWjDCwlBvgKQrbc0VKJqtPhRIPSiQg5t1DHa50N8DcFKfora7bLJvQWmVt6xtjqSzmRLfl-yLuxPU0f9tpibpS8Pe7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYQcOsGkE5CNN4-bA2DjNve4tG8Q8XGM7DiKoGzWjDCwlBvgKQrbc0VKJqtPhRIPSiQg5t1DHa50N8DcFKfora7bLJvQWmVt6xtjqSzmRLfl-yLuxPU0f9tpibpS8Pe7GR1cv7b2tN7SPGqpVrHPw&google_hm=NTgyNDA1NDE3ODc2MDM3NjQzNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYQcOsGkE5CNN4-bA2DjNve4tG8Q8XGM7DiKoGzWjDCwlBvgKQrbc0VKJqtPhRIPSiQg5t1DHa50N8DcFKfora7bLJvQWmVt6xtjqSzmRLfl-yLuxPU0f9tpibpS8Pe7GR1cv7b2tN7SPGqpVrHPw&google_hm=NTgyNDA1NDE3ODc2MDM3NjQzNg%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 595C
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPZLkrtwYZJY8e3MmK7VZvE&google_cver=1&google_push=ASkJ3FbJVH0cIEfEGy0faiddR3JsQHeS72NcBZzfuEWgRCuuHstAckGP5-g23gWr8q0g1f-2yiFOr9DXdfxuG0JF6HcwG8XJudwVL...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbJVH0cIEfEGy0faiddR3JsQHeS72NcBZzfuEWgRCuuHstAckGP5-g23gWr8q0g1f-2yiFOr9DXdfxuG0JF6HcwG8XJudwVLV2ZHv5wM5SR3s5gjz4hh4fRPaUZNodnHi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbJVH0cIEfEGy0faiddR3JsQHeS72NcBZzfuEWgRCuuHstAckGP5-g23gWr8q0g1f-2yiFOr9DXdfxuG0JF6HcwG8XJudwVLV2ZHv5wM5SR3s5gjz4hh4fRPaUZNodnHiDsIs6LoStXxLCaBpnm2TI&google_hm=DuKnKFnxzrk8VQRH4O9BMA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbJVH0cIEfEGy0faiddR3JsQHeS72NcBZzfuEWgRCuuHstAckGP5-g23gWr8q0g1f-2yiFOr9DXdfxuG0JF6HcwG8XJudwVLV2ZHv5wM5SR3s5gjz4hh4fRPaUZNodnHiDsIs6LoStXxLCaBpnm2TI&google_hm=DuKnKFnxzrk8VQRH4O9BMA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
pj7l0o52501o63jeplc2idomsu7s3jhg
pixel
cm.g.doubleclick.net/ Frame 595C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEL3iywBimSG3dJp2ngpVNVY&google_cver=1&google_push=ASkJ3FaSJs54lhYlGIc_-NR03htMYwXUi-Q5Ei0Pld4yoyy4nPLpHHGD4rAprj3CsvvlOR38baLVASJWqME1Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FaSJs54lhYlGIc_-NR03htMYwXUi-Q5Ei0Pld4yoyy4nPLpHHGD4rAprj3CsvvlOR38baLVASJWqME1QS8rjGdJ3couduF5Ge9k_6ZGRm0Ge5zO9qoxx2V3M6UrOgN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FaSJs54lhYlGIc_-NR03htMYwXUi-Q5Ei0Pld4yoyy4nPLpHHGD4rAprj3CsvvlOR38baLVASJWqME1QS8rjGdJ3couduF5Ge9k_6ZGRm0Ge5zO9qoxx2V3M6UrOgNMANToQ4DguiGJBvEEjLNXcec&google_hm=VnhJeU5sM3ZBT1hJampNX3FsVDU=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ASkJ3FaSJs54lhYlGIc_-NR03htMYwXUi-Q5Ei0Pld4yoyy4nPLpHHGD4rAprj3CsvvlOR38baLVASJWqME1QS8rjGdJ3couduF5Ge9k_6ZGRm0Ge5zO9qoxx2V3M6UrOgNMANToQ4DguiGJBvEEjLNXcec&google_hm=VnhJeU5sM3ZBT1hJampNX3FsVDU=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 595C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=udonioqES_OYipeLhJfjJQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=udonioqES_OYipeLhJfjJQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYtFO1mh1SzcfOI17w4RR8R_zuqlDnjfq_Ib95hNMA85vY2F9uLyVzgxRonfQl8KYHLlTMou5Uuz6PG8SxQqkbs45vz8pDiKgBilau3IXxI8-XdEjcltIAepMM3zfzxRoPjoTiqEJzTETMX46XXmA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=udonioqES_OYipeLhJfjJQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYtFO1mh1SzcfOI17w4RR8R_zuqlDnjfq_Ib95hNMA85vY2F9uLyVzgxRonfQl8KYHLlTMou5Uuz6PG8SxQqkbs45vz8pDiKgBilau3IXxI8-XdEjcltIAepMM3zfzxRoPjoTiqEJzTETMX46XXmA
date
Wed, 16 Nov 2022 15:55:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 595C
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEP2CI5erNsghygCFIOgHDXA&google_cver=1&google_push=ASkJ3Fb0_7Cjgipt_8VsqGHqP1rdfxRvzaHay1WTdTVrCATtDjvfbl6BGKaY19KpLpz5DcsAfdCKYkv1Er64wVC4ZlkTcKrgpgm...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3Fb0_7Cjgipt_8VsqGHqP1rdfxRvzaHay1WTdTVrCATtDjvfbl6BGKaY19KpLpz5DcsAfdCKYkv1Er64wVC4ZlkTcKrgpgmnCE9hjgliX07uOMv0rHs1MvgkPn8cFz0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3Fb0_7Cjgipt_8VsqGHqP1rdfxRvzaHay1WTdTVrCATtDjvfbl6BGKaY19KpLpz5DcsAfdCKYkv1Er64wVC4ZlkTcKrgpgmnCE9hjgliX07uOMv0rHs1MvgkPn8cFz0trmQPh3Alr4YCuT6TLfOA1A&google_hm=Z2UyZmQ3ODYxNDhiMTQzOTNhMWI=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3Fb0_7Cjgipt_8VsqGHqP1rdfxRvzaHay1WTdTVrCATtDjvfbl6BGKaY19KpLpz5DcsAfdCKYkv1Er64wVC4ZlkTcKrgpgmnCE9hjgliX07uOMv0rHs1MvgkPn8cFz0trmQPh3Alr4YCuT6TLfOA1A&google_hm=Z2UyZmQ3ODYxNDhiMTQzOTNhMWI=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 595C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLwHgwseOlA0_a7KKvzSPuZlyeNUu4Zrd174SgnhKai-O-W4iy5EomwA2HTsFarDQc5HG1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cs
cs.minutemedia-prebid.com/ Frame F96E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LAJTS2X6-O-7T07
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LAJTS2X6-O-7T07
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LAJTS2X6-O-7T07
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://eus.rubiconproject.com/
date
Wed, 16 Nov 2022 15:55:53 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LAJTS2X6-O-7T07
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
truncated
/ Frame 77BF 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5303f4149f866caa98d2b4fda82b827695160a53f89071c1b1eb33ac350aef5a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
um
u-sin01.e-planning.net/ Frame 6542
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3De9d1b7ccc2fd8d4d%26uid%3D%24%7BUID%7D
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e9d1b7ccc2fd8d4d&uid=e86aa2db-49e8-447e-b1ad-88e5b2adb907
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e9d1b7ccc2fd8d4d&uid=e86aa2db-49e8-447e-b1ad-88e5b2adb907
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
H2
Server
64.120.110.137 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Wed, 16 Nov 2022 15:55:53 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:51 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e9d1b7ccc2fd8d4d&uid=e86aa2db-49e8-447e-b1ad-88e5b2adb907
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
c5kag5fqdda1937hosm2mpim77sq5m48
ptag
a.audrte.com/ Frame 6542 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.87.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-87-63.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
c7a8a9a950a4985bda817f570c10c46b689b2c020d722f0ec55267c5ac11cdbf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:53 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1647
um
u-sin01.e-planning.net/ Frame 6542
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3De9d1b7ccc2fd8d4d%26uid%3D%24UID
  • https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=e9d1b7ccc2fd8d4d&uid=2619822817631859109
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=e9d1b7ccc2fd8d4d&uid=2619822817631859109
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
H2
Server
64.120.110.137 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Wed, 16 Nov 2022 15:55:53 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:52 GMT
AN-X-Request-Uuid
61f04a84-d430-4ce1-9fe7-fb886c90b854
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=e9d1b7ccc2fd8d4d&uid=2619822817631859109
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 6542 		478 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.241 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:53 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 15 Nov 2027 15:55:53 GMT
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 3988 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.88.158.176 , Singapore, ASN30081 (CACHENETWORKS, US),
Reverse DNS
unknown.scnet.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
974542
cf4ttl
157680000.000
content-length
1525
content-type
text/html
date
Wed, 16 Nov 2022 15:55:54 GMT
etag
"61ddbb71-5f5"
expires
Wed, 07 Jul 2027 16:09:28 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
3.384
x-cf-reqid
f00b130768c949f306a78bb15566fc8f
x-cf-tsc
1658271112
x-cf1
29080:fB.sin1:co:1585621119:cacheA.sin1-01:H
x-cf2
H
x-cf3
H
x-cff
B
truncated
/ Frame 6E60 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c16121d60f96440cc5ff1422d5be34f5a03927d91da40818be4d160eb967b7c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1E91 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ&u=%7CT%2FaWT8rIpropSBH7062x2SgL1kVyo6Z%2FPVuPyjBqaP0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq9RW7f92aDsJAFO9dBzkeQNFN5BR1Vgob7TsNRk99YtT4vYtJqcLC1QOOC9LkMQtrjhZ5xxHggLOd3rCbHb_9BE87YmyL31r5U2YElwczLOxNVMmHIe0AXLXhzjX-51B-tU7oPRlMTmWqkE0qM97wnuKRy7tFOvxDEm8zxqRLyUvb2iI7iFBqvhIJdKRZFd0vLVGVAm4PcSdQ8I_YDHtuYRudTWmft6FPyroWx2kp8vjutolsg0GAVwtMiEXspNDgGIPQNqu2NmvxDITWGjJBQ_JDzLG5HoCkSdyb0Garp6R2nWK0-Yn7iJgdi_ssos8CDc-Fs1FNBrQslTVfVJCCTNveGZT3zmundlf0QNI0-OYXe7JlzqNmG0CDWd8MMtdd2M_8yXi1g037UzjlgsyiZP_VW8e7iVGyWe5C2lINATACTsbARTP0kQK-QY33dmWADqLcXaCFpQXxLZggqFZJQjnJLu-q7pBrBHcCAIopGe7H7uAXGhOA1cQ_xY45F_8uypByhPznq4BDgCDoks3_hxUXCdr_HrfB9wY_0Yc3nq4SCxHL8MV1eE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHFXEBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtwJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxx90mChciOh6nUB1J65Jwzu27J2AWhyUDDHUnkssJQ8MMAOkgvmXEPkGoAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2M-nfxe0udhxLEpg65e5sgBKftFQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 15:55:52 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1E91 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ&u=%7CT%2FaWT8rIpropSBH7062x2SgL1kVyo6Z%2FPVuPyjBqaP0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq9RW7f92aDsJAFO9dBzkeQNFN5BR1Vgob7TsNRk99YtT4vYtJqcLC1QOOC9LkMQtrjhZ5xxHggLOd3rCbHb_9BE87YmyL31r5U2YElwczLOxNVMmHIe0AXLXhzjX-51B-tU7oPRlMTmWqkE0qM97wnuKRy7tFOvxDEm8zxqRLyUvb2iI7iFBqvhIJdKRZFd0vLVGVAm4PcSdQ8I_YDHtuYRudTWmft6FPyroWx2kp8vjutolsg0GAVwtMiEXspNDgGIPQNqu2NmvxDITWGjJBQ_JDzLG5HoCkSdyb0Garp6R2nWK0-Yn7iJgdi_ssos8CDc-Fs1FNBrQslTVfVJCCTNveGZT3zmundlf0QNI0-OYXe7JlzqNmG0CDWd8MMtdd2M_8yXi1g037UzjlgsyiZP_VW8e7iVGyWe5C2lINATACTsbARTP0kQK-QY33dmWADqLcXaCFpQXxLZggqFZJQjnJLu-q7pBrBHcCAIopGe7H7uAXGhOA1cQ_xY45F_8uypByhPznq4BDgCDoks3_hxUXCdr_HrfB9wY_0Yc3nq4SCxHL8MV1eE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHFXEBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtwJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxx90mChciOh6nUB1J65Jwzu27J2AWhyUDDHUnkssJQ8MMAOkgvmXEPkGoAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2M-nfxe0udhxLEpg65e5sgBKftFQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 15:55:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1E91 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ&u=%7CT%2FaWT8rIpropSBH7062x2SgL1kVyo6Z%2FPVuPyjBqaP0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq9RW7f92aDsJAFO9dBzkeQNFN5BR1Vgob7TsNRk99YtT4vYtJqcLC1QOOC9LkMQtrjhZ5xxHggLOd3rCbHb_9BE87YmyL31r5U2YElwczLOxNVMmHIe0AXLXhzjX-51B-tU7oPRlMTmWqkE0qM97wnuKRy7tFOvxDEm8zxqRLyUvb2iI7iFBqvhIJdKRZFd0vLVGVAm4PcSdQ8I_YDHtuYRudTWmft6FPyroWx2kp8vjutolsg0GAVwtMiEXspNDgGIPQNqu2NmvxDITWGjJBQ_JDzLG5HoCkSdyb0Garp6R2nWK0-Yn7iJgdi_ssos8CDc-Fs1FNBrQslTVfVJCCTNveGZT3zmundlf0QNI0-OYXe7JlzqNmG0CDWd8MMtdd2M_8yXi1g037UzjlgsyiZP_VW8e7iVGyWe5C2lINATACTsbARTP0kQK-QY33dmWADqLcXaCFpQXxLZggqFZJQjnJLu-q7pBrBHcCAIopGe7H7uAXGhOA1cQ_xY45F_8uypByhPznq4BDgCDoks3_hxUXCdr_HrfB9wY_0Yc3nq4SCxHL8MV1eE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHFXEBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtwJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxx90mChciOh6nUB1J65Jwzu27J2AWhyUDDHUnkssJQ8MMAOkgvmXEPkGoAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2M-nfxe0udhxLEpg65e5sgBKftFQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 11 Nov 2023 15:55:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 1E91 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ&u=%7CT%2FaWT8rIpropSBH7062x2SgL1kVyo6Z%2FPVuPyjBqaP0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq9RW7f92aDsJAFO9dBzkeQNFN5BR1Vgob7TsNRk99YtT4vYtJqcLC1QOOC9LkMQtrjhZ5xxHggLOd3rCbHb_9BE87YmyL31r5U2YElwczLOxNVMmHIe0AXLXhzjX-51B-tU7oPRlMTmWqkE0qM97wnuKRy7tFOvxDEm8zxqRLyUvb2iI7iFBqvhIJdKRZFd0vLVGVAm4PcSdQ8I_YDHtuYRudTWmft6FPyroWx2kp8vjutolsg0GAVwtMiEXspNDgGIPQNqu2NmvxDITWGjJBQ_JDzLG5HoCkSdyb0Garp6R2nWK0-Yn7iJgdi_ssos8CDc-Fs1FNBrQslTVfVJCCTNveGZT3zmundlf0QNI0-OYXe7JlzqNmG0CDWd8MMtdd2M_8yXi1g037UzjlgsyiZP_VW8e7iVGyWe5C2lINATACTsbARTP0kQK-QY33dmWADqLcXaCFpQXxLZggqFZJQjnJLu-q7pBrBHcCAIopGe7H7uAXGhOA1cQ_xY45F_8uypByhPznq4BDgCDoks3_hxUXCdr_HrfB9wY_0Yc3nq4SCxHL8MV1eE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHFXEBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtwJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxx90mChciOh6nUB1J65Jwzu27J2AWhyUDDHUnkssJQ8MMAOkgvmXEPkGoAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2M-nfxe0udhxLEpg65e5sgBKftFQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 11 Nov 2023 15:55:52 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 1E91 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=KqyQtzmL6mWA-AVkm3KuWvHIGhGlIvSDpQK_LxCr04ZdJA4kjNBl4n6Ya8-niYiflfUBQQ2udM9C4I8YBs1Emqhs8Tcb8H17ZPugcMwTmAVfJI7mxhGco_uTCXWP37k-YillMjPzBNTwXfAU1O0R2RsZtAThQZB2b1-D84QhpQMOaxXWkNbtYZGyX2g-P4O3qnsGlu7aFUUmxDRlMpfp75zVIExLYjD3aWs1Gw0yfce-qkyntsQK6kskBoF3WjaJo-1pQlW0T-Hmz2Me0pv1QKEafe0hy9whMplTyWuUdM2wxlTbOxbLKSh39rwGEPPi84tX7XdJ_wsVSInMUrqx59bXjMKg0JXiLM5qw3mbK9q8AntHAtzQsLwxV06KQbGpd-dDYNmTfsQnyzRrWoHkaP6dO5ByI2_KrENzIwyaydtG-8Pu
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ&u=%7CT%2FaWT8rIpropSBH7062x2SgL1kVyo6Z%2FPVuPyjBqaP0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq9RW7f92aDsJAFO9dBzkeQNFN5BR1Vgob7TsNRk99YtT4vYtJqcLC1QOOC9LkMQtrjhZ5xxHggLOd3rCbHb_9BE87YmyL31r5U2YElwczLOxNVMmHIe0AXLXhzjX-51B-tU7oPRlMTmWqkE0qM97wnuKRy7tFOvxDEm8zxqRLyUvb2iI7iFBqvhIJdKRZFd0vLVGVAm4PcSdQ8I_YDHtuYRudTWmft6FPyroWx2kp8vjutolsg0GAVwtMiEXspNDgGIPQNqu2NmvxDITWGjJBQ_JDzLG5HoCkSdyb0Garp6R2nWK0-Yn7iJgdi_ssos8CDc-Fs1FNBrQslTVfVJCCTNveGZT3zmundlf0QNI0-OYXe7JlzqNmG0CDWd8MMtdd2M_8yXi1g037UzjlgsyiZP_VW8e7iVGyWe5C2lINATACTsbARTP0kQK-QY33dmWADqLcXaCFpQXxLZggqFZJQjnJLu-q7pBrBHcCAIopGe7H7uAXGhOA1cQ_xY45F_8uypByhPznq4BDgCDoks3_hxUXCdr_HrfB9wY_0Yc3nq4SCxHL8MV1eE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHFXEBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtwJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxx90mChciOh6nUB1J65Jwzu27J2AWhyUDDHUnkssJQ8MMAOkgvmXEPkGoAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2M-nfxe0udhxLEpg65e5sgBKftFQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3869821
expires
Mon, 26 Jul 1997 05:00:00 GMT
589fa18543d74401a7e1a7bbcfd58f8e_image_ad_300x250.jpeg
static.criteo.net/design/dt/99951/221025/ Frame 1E91 		249 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/99951/221025/589fa18543d74401a7e1a7bbcfd58f8e_image_ad_300x250.jpeg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ&u=%7CT%2FaWT8rIpropSBH7062x2SgL1kVyo6Z%2FPVuPyjBqaP0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq9RW7f92aDsJAFO9dBzkeQNFN5BR1Vgob7TsNRk99YtT4vYtJqcLC1QOOC9LkMQtrjhZ5xxHggLOd3rCbHb_9BE87YmyL31r5U2YElwczLOxNVMmHIe0AXLXhzjX-51B-tU7oPRlMTmWqkE0qM97wnuKRy7tFOvxDEm8zxqRLyUvb2iI7iFBqvhIJdKRZFd0vLVGVAm4PcSdQ8I_YDHtuYRudTWmft6FPyroWx2kp8vjutolsg0GAVwtMiEXspNDgGIPQNqu2NmvxDITWGjJBQ_JDzLG5HoCkSdyb0Garp6R2nWK0-Yn7iJgdi_ssos8CDc-Fs1FNBrQslTVfVJCCTNveGZT3zmundlf0QNI0-OYXe7JlzqNmG0CDWd8MMtdd2M_8yXi1g037UzjlgsyiZP_VW8e7iVGyWe5C2lINATACTsbARTP0kQK-QY33dmWADqLcXaCFpQXxLZggqFZJQjnJLu-q7pBrBHcCAIopGe7H7uAXGhOA1cQ_xY45F_8uypByhPznq4BDgCDoks3_hxUXCdr_HrfB9wY_0Yc3nq4SCxHL8MV1eE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHFXEBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtwJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxx90mChciOh6nUB1J65Jwzu27J2AWhyUDDHUnkssJQ8MMAOkgvmXEPkGoAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2M-nfxe0udhxLEpg65e5sgBKftFQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
59137467b97878a05285b5b6ccb9a0e0d0b3453b550ddbb712b220a53e26fb5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 25 Oct 2022 22:30:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6358637d-3e208"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
254472
expires
Sat, 11 Nov 2023 15:55:52 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 36D5 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 06:06:47 GMT
x-content-type-options
nosniff
age
35346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 06:06:47 GMT
bootstrap.js
s2.adform.net/stoat/626/s2.adform.net/ Frame 2347 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Requested by
Host: asia.adform.net
URL: https://asia.adform.net/adfscript/?bn=56367626;click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKdOWBwh1Y8D_HoHovgTR5pjABP--iZltnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBLECT9Duy86SXnfGfmyBxh3T6bwbmL3_uPw3MHcKr0V8fuWYOwPOd32Sz0SJupghUxPZLOsMG8ShGOzQ5IgJdfOLEVaB78bKsW8gKLCyxn3wBUAaPfSF-JA2WHwI_ymjqlD_-1Fa2Zy9kMdeCLgjtAxVWb6g3VGWTp_lQjgmHvEz0VtNjbCCEUASzDCilmEWR8imB9-LEhAxU3n3t5L6D3GhSYxOR3lK6PMH2pSrmSMH1eEEyOxipQ1HpPtQYrpbwSB8ko5H4QPzaSfuHu_f7VfvbP5sKcFiOTNky5Yts8FsYm7ZNirVLGoxhzUnsteujkuhXhMnV_eSZiJeNO0xREsKOmqzWFemAt4aLp6ZF1fe9Z5KS3QHj1Ltk5zM2U8QJlnATMmuEV7aMd_W0h_5QyPaLiCABszoi6enmM30KKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0vHXBrxssnPtBEOlTX3YtwDNKNsA%26client%3Dca-pub-4485239425924787%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F27660748%252F92404976%252FAGKG7OXTSH5KTK63ZZYKHD4KJKEB5BAJXESCUJ5ER23NP5DE77ATKDBZXBGGSXW2XJBJBOVECXVVQCFWRCBWLTOFTMJXJ6VUB4TMEA4EKMQX2ZR5R7VBVA5736E7Y43TUPWSACGS6CGDMQRGR3EXFAOYVXYSICVJBS6LQ53AO6GB34MEUQALZ47WET6WVIKHU7GNPAZNG2XT2H3PPLPUA62O3UZPB4BIKER3EUP36FJI26LQXARPLDHCLHOCLSM4A75GFQMZNAZDZEEMCVLBR7A3TAO2J4K4AGVIQIRHGJS5DUEQAFKKXMIWGDYOPYFFXLSFFYMSZHBJ4N2NEHJESLCGI4AHXJ2EHUKFTIPMWZ27HMU3X6SZLBUCRQKS3WQ2DULRVTOEWJPIOSBSAGU7IKHMX5FMQLARBDNRBZBF7VT6K6Z37NFZUYZTEIANMMOTN5QRQAPYNC26JCVBMFENBK2NBE2F52U3HXWQLRDUOHQNWMFOK2DIHQMROGVOBI3WCORPFVYKDCGQAIU2IAW7WA3JMP4IK4C6PQSJAY4CEW7XNIL6LZK2KKD6N7GLIB7G%252F%253Frurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a515795368da20708b7d71fb05939d8da243774b50aab2662af4e763c766bf26

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:53 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 10:47:37 GMT
server
nginx
x-cache-status
HIT, HIT, HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 16 Nov 2022 04:00:04 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 2BFF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3853246281&adsafe=medium&client=ca-pub-5722610347565274&format=300x250_as&ip=116.90.74.197&output=html&unviewed_position_start=1&url=https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&sub_client=bidder-693656&hl=en&aceid=MKwatACRbTQBDXg0AUZ8NAGafzQBvX80Aex_NAH2fzQBXoA0AXCANAHCgDQB14A0AeGANAHngDQB-oA0AQWBNAEPgTQBGYE0ARyBNAEfgTQBK4E0AUCBNAFPgTQBVIE0AVmBNAFlgTQBcIE0AXqBNAF7gTQBg4E0AYWBNAGJgTQBj4E0AZKBNAGYgTQBmYE0AZqBNAGmgTQBq4E0AbGBNAG1gTQBwYE0AcKBNAHNgTQB0YE0AdeBNAHagTQB34E0AUtzQQFTc0EBVXNBAVFG5gEBWA8CsB1cAgUfXAJHH1wCRTyqAug-qgInQqoCKEKqAitCqgIZTaoCr06qAg9WqgL9eKoCp4qqAoCbqgKBm6oCgpuqAhedqgKiqKoC6aiqArGrqgLkrKoClbGqAly2qgJ6uKoCuruqAjrZqgJO2aoCyOKqAqDlqgJd7qoCq_GqAm_4qgIl-6oCQvuqAq_8qgJMBKsCHgarAjkGqwLBB6sCowurAt8LqwLpC6sC6wurAsMMqwLjDasCHhCrAmMcqwJAH6sCqR-rAvUfqwIMI6sC1iOrAg4mqwJUKKsCXSirAvsrqwL-LqsC1zCrAvEwqwKLMqsC9DOrAm80qwJWNqsChTarAow2qwJBN6sCHjirAlI5qwJCOqsCZDqrApA6qwKVOqsCDTyrAiM8qwKePKsCojyrAu4-qwL3PqsCQT-rAn4_qwI3QKsCMEGrAjZBqwLIQasC9kGrAnlEqwJmRasCvkWrAtYmEAOaOvoD2jNMBdGGIwoUyPsSItb7Elre-xI9-PsSUfv7Ev4A_BLzAfwStgL8EqQE_BJcBfwS9gX8ElwG_BINCPwSvwj8EuwI_BIpCfwSeQn8ErgJ_BLcCfwS-lZrGlsAkinWzrUu&awbid_c=AKAmf-CqBTCbbrAp9TWWWmd8lOAK2LPD-AmSig8iGDTKI_d2_NOW61guiniwzEgxqETsb7dKZdD7h4MnchETKHH6pmU7HGDbz00D_hzwljSKfPNMdB8p5d0EmdBJkfv7BYsO6TnE9_tra6IGw2Ez1SBDMOz-V2MipWWBk1zAoWUUcbMKVyjdILw&awbid_d=AKAmf-Bb4a6GySqsB4bVwmfASbmpSBxxBWIVS43iFklivLJ9cH_KAI6RiILTSuAJZpOXVYzqTImP09-yxj7G-TDJhSN08QwJgrnBNu_h0nYYkCYTW6yxGISXSje4spaRDf1k-eGkTAUzQIrlqPHDnTqIUOGMGfrdVb_t3kivsERoje6y8LNYYG3M6yXbF9YndT8pKmoI6QhlWnV4Si49tXUdLuuyI47_BxBBfrb5hPNbpsFcL3Lea6eGxCK26T3lrzlROviQ92D9S2hYvqfHqTuHWZi9HsVbWSbfghCGNSDdOMzoytBMt-5Kmo6zPkMSIZ2hrIzQjM414Hxpjv3bS_pEJMFukMU5PhYCYLNuA5uHTEtmHmDpkwjginuifn1Ce91sIRAnmW607RBo7W_xSqhyBoXmQC5h6ktX00WyXfdhymcoggjr5IgYYjHbjKl8HuL34UvfUWPf7IeBCNoM6TgxI2Da3738YKMRGqDAL-rmsqfXNsfOYmggPFx9aIfAJm-1cMK4XIf2aYvw3yYh4GzLD52JYtUevP2ByztBhdFf3M6BhGUGkk1EER8mOvoi7VRDMxq_EdKcndEx0PtAT9ty2ZKOq10bXWAMJJ9_oDCd3R2pY6cimlYztwf80sh9yxFWs13x8lvebkKLvAFkZ6mV-OfBfaXOKBBsVj99aurRPIdzE_1R-1w&cid=CAQSGwDq26N9zUq-YYyzFkmGlToE7kGlU1IsaYvOqBgBIAo&exk=713857248&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&a_pr=13:Y3UIAQAAAADxoladmGtq4sbVMLD5BUI9-Biewg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:08:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6363 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-vHRjtgBSscRouuS91JQ_w7OIv9qYNGhB7LIX78kgo-eWcY49fWkzhEzbhXGGniXfK4kKjaGDdx6qtv-gPtDmwKg2e6Oa1EAjphFWVHTnShY0IqrWIIEG9SDRqf046BfbptKxm-OD73PR8pw67suLY2jBLah3L7pnsljvtAadD6kU64biYpaDS78mCWy4pp1yC1NqIHTuzXmyy95l2g4N7MhysvDeUQS_UnQB7pl64B3E0AbUENCadcUooqDqowJpvSXmYAXM1HzLvhrYviGo9T1sbGbyBFh-Qk2qpG3x_nP_XISLq9z7cqO-e2skd_TR5H8&sai=AMfl-YQBhv6xQVzYrdLlaNFb9Pn8Ck6Rg8-vtzQTo3yN5z4-_VB4Fe0BrSnzLmW3pspIS97ZgbGoX4mACUuUtPIISntd-xzp0t0V1GxV7Xrvqe2fREMjmEyT6JvgYrP1zeuH&sig=Cg0ArKJSzGzA_6hxnBduEAE&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668614150740&rpt=1279&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 1E91 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=XwlEdWfk0DUvWuc2sygjvUkD-CQpBY7vrXO8MQ3VAnO3XNo4JdE226ziLVnKcYRSrdCsYSa1ucpg5yWBfS_iGd9tgsXM5Rcgu9-F0QeH6JQmEQHX1hQckUgyy1n_p4b5KaE7I0ga0Opk6YtriIlek7SC1HyNab-Dh9rLbOHQjFaHKgvMehB3-vtsL7lh6Lodv57SNepcunNZvCIzVyrgdYkzByq5C_8cCNLCwyLPBmGyGtdsxVHpPUg4PNvPPH7a95-e9WTcB_ypxY-C&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ&u=%7CT%2FaWT8rIpropSBH7062x2SgL1kVyo6Z%2FPVuPyjBqaP0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq9RW7f92aDsJAFO9dBzkeQNFN5BR1Vgob7TsNRk99YtT4vYtJqcLC1QOOC9LkMQtrjhZ5xxHggLOd3rCbHb_9BE87YmyL31r5U2YElwczLOxNVMmHIe0AXLXhzjX-51B-tU7oPRlMTmWqkE0qM97wnuKRy7tFOvxDEm8zxqRLyUvb2iI7iFBqvhIJdKRZFd0vLVGVAm4PcSdQ8I_YDHtuYRudTWmft6FPyroWx2kp8vjutolsg0GAVwtMiEXspNDgGIPQNqu2NmvxDITWGjJBQ_JDzLG5HoCkSdyb0Garp6R2nWK0-Yn7iJgdi_ssos8CDc-Fs1FNBrQslTVfVJCCTNveGZT3zmundlf0QNI0-OYXe7JlzqNmG0CDWd8MMtdd2M_8yXi1g037UzjlgsyiZP_VW8e7iVGyWe5C2lINATACTsbARTP0kQK-QY33dmWADqLcXaCFpQXxLZggqFZJQjnJLu-q7pBrBHcCAIopGe7H7uAXGhOA1cQ_xY45F_8uypByhPznq4BDgCDoks3_hxUXCdr_HrfB9wY_0Yc3nq4SCxHL8MV1eE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHFXEBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtwJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxx90mChciOh6nUB1J65Jwzu27J2AWhyUDDHUnkssJQ8MMAOkgvmXEPkGoAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2M-nfxe0udhxLEpg65e5sgBKftFQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Nov 2022 15:55:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1E91 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ&u=%7CT%2FaWT8rIpropSBH7062x2SgL1kVyo6Z%2FPVuPyjBqaP0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq9RW7f92aDsJAFO9dBzkeQNFN5BR1Vgob7TsNRk99YtT4vYtJqcLC1QOOC9LkMQtrjhZ5xxHggLOd3rCbHb_9BE87YmyL31r5U2YElwczLOxNVMmHIe0AXLXhzjX-51B-tU7oPRlMTmWqkE0qM97wnuKRy7tFOvxDEm8zxqRLyUvb2iI7iFBqvhIJdKRZFd0vLVGVAm4PcSdQ8I_YDHtuYRudTWmft6FPyroWx2kp8vjutolsg0GAVwtMiEXspNDgGIPQNqu2NmvxDITWGjJBQ_JDzLG5HoCkSdyb0Garp6R2nWK0-Yn7iJgdi_ssos8CDc-Fs1FNBrQslTVfVJCCTNveGZT3zmundlf0QNI0-OYXe7JlzqNmG0CDWd8MMtdd2M_8yXi1g037UzjlgsyiZP_VW8e7iVGyWe5C2lINATACTsbARTP0kQK-QY33dmWADqLcXaCFpQXxLZggqFZJQjnJLu-q7pBrBHcCAIopGe7H7uAXGhOA1cQ_xY45F_8uypByhPznq4BDgCDoks3_hxUXCdr_HrfB9wY_0Yc3nq4SCxHL8MV1eE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHFXEBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtwJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxx90mChciOh6nUB1J65Jwzu27J2AWhyUDDHUnkssJQ8MMAOkgvmXEPkGoAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2M-nfxe0udhxLEpg65e5sgBKftFQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 15:55:53 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1E91 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3UIBwAKKEoJnUa1AAlB5rMIlUNxfCuAJbqaiQ&u=%7CT%2FaWT8rIpropSBH7062x2SgL1kVyo6Z%2FPVuPyjBqaP0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq9RW7f92aDsJAFO9dBzkeQNFN5BR1Vgob7TsNRk99YtT4vYtJqcLC1QOOC9LkMQtrjhZ5xxHggLOd3rCbHb_9BE87YmyL31r5U2YElwczLOxNVMmHIe0AXLXhzjX-51B-tU7oPRlMTmWqkE0qM97wnuKRy7tFOvxDEm8zxqRLyUvb2iI7iFBqvhIJdKRZFd0vLVGVAm4PcSdQ8I_YDHtuYRudTWmft6FPyroWx2kp8vjutolsg0GAVwtMiEXspNDgGIPQNqu2NmvxDITWGjJBQ_JDzLG5HoCkSdyb0Garp6R2nWK0-Yn7iJgdi_ssos8CDc-Fs1FNBrQslTVfVJCCTNveGZT3zmundlf0QNI0-OYXe7JlzqNmG0CDWd8MMtdd2M_8yXi1g037UzjlgsyiZP_VW8e7iVGyWe5C2lINATACTsbARTP0kQK-QY33dmWADqLcXaCFpQXxLZggqFZJQjnJLu-q7pBrBHcCAIopGe7H7uAXGhOA1cQ_xY45F_8uypByhPznq4BDgCDoks3_hxUXCdr_HrfB9wY_0Yc3nq4SCxHL8MV1eE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHFXEBwh1Y8rQKLWN9fwP5oOlgA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJqSn6p-K2mPqgDAaoEtwJP0Bw-0Pcli1B7XXAlB8oy6VYgHR5pc7wOKqUBVnR06Ix38_Vnv18ILgWNAzBrGF67BzdM_rvZ3KuYY3ZjCsm_5g6HCEYi2ueyb__h4bYyjkPRC3yPnB4eCnaF_oaU2A-uUVV2SQ_JJvxN789FmhuT9YOLfivXd8_f2B2ZKYL47bAZbAy-8_vnAVdzyep27Qr5cQ0-qWRkI2VQeTU9nVk9kVR1l4ThBVWmn__JWlMObnqbHdOjyeTJU3xZuVGzoY21TdFbNslwMmCA8Mm33Z7bnbITmYsozf2o2EHNiqk5RyKCHFl9FGpwN7PPFz-kUZlzZgRDXsbErOXw3mLE4Kq7qdOt94upRKoYMLYfjxx90mChciOh6nUB1J65Jwzu27J2AWhyUDDHUnkssJQ8MMAOkgvmXEPkGoAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2M-nfxe0udhxLEpg65e5sgBKftFQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 15:55:53 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D9BA 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3116157497443797000V10%26type%3Dpba%26refUrl%3D%26vid%3D86141500903116157497443797000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame DDCD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstm523rV72F0QRF3k-Wr0szJMh5ULPv4Dg5bVJo6RtOVQJGaXyyps0NX61VnnSOmFslpaIsNzrXTnqz62JPfVc3IZZkFFqud35BDi_tQ1Ukc1SBjzNd2zu98Y4rXFSE-_pyQhnY6CL2PzQ4XO0fx3pbgSZ3SOnZsA&sai=AMfl-YTQ9gQa-_n2n4IRR_-8N_Fk0q6D-7zi-cfa7cw-uY20vfa0g15FiDuJC7gFv9o8mMiWhRa4kQxrWQDV00U0B2sY0nCYyqEo6sFWE8d2qPKuPQWCq2Fq35yPGenT2Q&sig=Cg0ArKJSzAr7JE0-bOetEAE&cid=CAQSOwDq26N9XBkVlfkQHu-YsVJ7Jk6Hil5eppjiLs5DpQfvSrAxJLdgivZ51Lr_WtnskhiiKiGFyg9nQJZVGAEgEw&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=1839&tls=2841&g=100&h=100&tt=2841&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8F04 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
db8d4f3193eee53830a7af5c0ec3f7a7cfa4519811dbf9a1137a9d89569eaab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12466
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6E60 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuwb98gNWQCBu1SmzYnE54kPfL_zgQebK2925D1Bb7ur3TN2fTpfEawxycDakqUXgCrWttZUrvmQPN-TmwlfUAfm8lTQbiNAGyAwOeCVsEvnvtIEz0VGyw9U5S9xzWV173ISg&sig=Cg0ArKJSzEL-adkqIQHfEAE&cid=CAASFeRoPiGkL3DHC-CZMhbe_ojpuIBSQA&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3853246281&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668614150757&rpt=2074&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame CF13 		636 B
578 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.241 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 16 Nov 2022 15:55:53 GMT
etag
W/"601b131c-27c"
expires
Mon, 15 Nov 2027 15:55:53 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
cs
cs.minutemedia-prebid.com/ Frame 7939 		0
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21506&id=AOMZZHoP0mUaSIRU
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.us.e-planning.net/
content-length
0
content-type
application/javascript
date
Wed, 16 Nov 2022 15:55:54 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 8DB9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:08:01 GMT
/
asia.adform.net/adfserve/ Frame 2347 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/adfserve/?CC=1&bn=56367626;click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKdOWBwh1Y8D_HoHovgTR5pjABP--iZltnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBLECT9Duy86SXnfGfmyBxh3T6bwbmL3_uPw3MHcKr0V8fuWYOwPOd32Sz0SJupghUxPZLOsMG8ShGOzQ5IgJdfOLEVaB78bKsW8gKLCyxn3wBUAaPfSF-JA2WHwI_ymjqlD_-1Fa2Zy9kMdeCLgjtAxVWb6g3VGWTp_lQjgmHvEz0VtNjbCCEUASzDCilmEWR8imB9-LEhAxU3n3t5L6D3GhSYxOR3lK6PMH2pSrmSMH1eEEyOxipQ1HpPtQYrpbwSB8ko5H4QPzaSfuHu_f7VfvbP5sKcFiOTNky5Yts8FsYm7ZNirVLGoxhzUnsteujkuhXhMnV_eSZiJeNO0xREsKOmqzWFemAt4aLp6ZF1fe9Z5KS3QHj1Ltk5zM2U8QJlnATMmuEV7aMd_W0h_5QyPaLiCABszoi6enmM30KKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0vHXBrxssnPtBEOlTX3YtwDNKNsA%26client%3Dca-pub-4485239425924787%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F27660748%252F92404976%252FAGKG7OXTSH5KTK63ZZYKHD4KJKEB5BAJXESCUJ5ER23NP5DE77ATKDBZXBGGSXW2XJBJBOVECXVVQCFWRCBWLTOFTMJXJ6VUB4TMEA4EKMQX2ZR5R7VBVA5736E7Y43TUPWSACGS6CGDMQRGR3EXFAOYVXYSICVJBS6LQ53AO6GB34MEUQALZ47WET6WVIKHU7GNPAZNG2XT2H3PPLPUA62O3UZPB4BIKER3EUP36FJI26LQXARPLDHCLHOCLSM4A75GFQMZNAZDZEEMCVLBR7A3TAO2J4K4AGVIQIRHGJS5DUEQAFKKXMIWGDYOPYFFXLSFFYMSZHBJ4N2NEHJESLCGI4AHXJ2EHUKFTIPMWZ27HMU3X6SZLBUCRQKS3WQ2DULRVTOEWJPIOSBSAGU7IKHMX5FMQLARBDNRBZBF7VT6K6Z37NFZUYZTEIANMMOTN5QRQAPYNC26JCVBMFENBK2NBE2F52U3HXWQLRDUOHQNWMFOK2DIHQMROGVOBI3WCORPFVYKDCGQAIU2IAW7WA3JMP4IK4C6PQSJAY4CEW7XNIL6LZK2KKD6N7GLIB7G%252F%253Frurl%253D;js=1;adfxid=1x;4168;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.bg3.co
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
012cceab1ce0a16b512fd12589580c6fbe263f1fd4ff69806a8dbc135cac5fff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3796
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame 3C53 		716 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16050594&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
41d859ca2e5e177d51e6b174decf32bd73427ccec4d1426e99d3e1d559efa17f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 16 Nov 2022 15:55:54 GMT
content-length
716
content-type
text/html; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8F04 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 15:55:54 GMT
GS.d
js.cookieless-data.com/ Frame CF13 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1668614154184
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 15:55:55 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 34D6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E547AB7B174C4CEEB075D3465A32E5D7&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=B9DA278A-8A84-4BF3-988A-978B8497E325
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=B9DA278A-8A84-4BF3-988A-978B8497E325
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.180.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-180-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Wed, 16 Nov 2022 15:55:55 GMT

Redirect headers

cache-control
private,max-age=86400
content-length
113
content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 15:55:54 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=B9DA278A-8A84-4BF3-988A-978B8497E325
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame AF2B 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=B9DA278A-8A84-4BF3-988A-978B8497E325
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.225.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-225-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Wed, 16 Nov 2022 15:55:54 GMT
info2
uipglob.semasio.net/pubmatic/1/ Frame 3C53
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B9DA278A-8A84-4BF3-988A-978B8497E325&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B9DA278A-8A84-4BF3-988A-978B8497E325&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B9DA278A-8A84-4BF3-988A-978B8497E325&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:50 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B9DA278A-8A84-4BF3-988A-978B8497E325&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 3C53
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.255.22.33 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-22-33.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:55 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.4.230
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B9DA278A-8A84-4BF3-988A-978B8497E325&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.0.160
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 3C53
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B9DA278A-8A84-4BF3-988A-978B8497E325
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=672e7c2f-6f33-41e2-a9f7-921b60972fc6%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=11fe43f3-fdaf-4e93-a99a-20f132d88aae&ttd_puid=672e7c2f-6f33-41e2-a9f7-921b60972fc6%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=11fe43f3-fdaf-4e93-a99a-20f132d88aae&ttd_puid=672e7c2f-6f33-41e2-a9f7-921b60972fc6%2C
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=11fe43f3-fdaf-4e93-a99a-20f132d88aae&ttd_puid=672e7c2f-6f33-41e2-a9f7-921b60972fc6%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 097A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
4948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 14:33:26 GMT
etag
48472445140208031
expires
Thu, 17 Nov 2022 14:33:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2347 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9dc3360157645659f353dda1fb2589f378f7e0dff833359687e11761a8d27307

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 316F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
109032
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 09:38:42 GMT
expires
Wed, 15 Nov 2023 09:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A667 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f105.1e100.net
Software
GSE /
Resource Hash
43c6e854328f5a8851cfa362424cdc8b96965448d4359c051c0973208662886b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-T_fCDLLwgZH3ZSW5sQ-kfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-T_fCDLLwgZH3ZSW5sQ-kfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:55:54 GMT
expires
Wed, 16 Nov 2022 15:55:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Standard
s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.224/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 2347 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.224/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5004bd622b5180f3ec1d4cdfa52104b601f6d18703e01a1b54acdde70dfa25ad

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:54 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 10:47:37 GMT
server
nginx
x-cache-status
HIT, HIT, HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 15 Nov 2022 17:28:45 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame AD3E 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26687876&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 16 Nov 2022 15:55:54 GMT
content-length
47
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 097A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFtou_i2eTBgApv7waFyiPE&google_cver=1&google_push=ASkJ3FaXUlY714mLP0kym_QQjRyOyveR40k3GcAuToB7opRGL9GQrI2PtiX0XGXceIWpH1B3FyVwRUKvtDW7DNa3UI...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTFmZTQzZjMtZmRhZi00ZTkzLWE5OWEtMjBmMTMyZDg4YWFl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTFmZTQzZjMtZmRhZi00ZTkzLWE5OWEtMjBmMTMyZDg4YWFl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTFmZTQzZjMtZmRhZi00ZTkzLWE5OWEtMjBmMTMyZDg4YWFl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=11fe43f3-fdaf-4e93-a99a-20f132d88aae
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 097A
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEJR2dA5uZbkxgdoHtrQYFfA&google_cver=1&google_push=ASkJ3FYlsTU7G0lkKnF-uQXx1B2O42JC5sFveelNLonCMgRBDTkZQzPpwdy3g9J6fRDZeB3OF90Df3lzYs1Xn1AKInjbd-eUquTj
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cWdrTjNaMTNDcjJBLXNyc0JBaDFZdw%3D%3D&google_push=ASkJ3FYlsTU7G0lkKnF-uQXx1B2O42JC5sFveelNLonCMgRBDTkZQzPpwdy3g9J6fRDZeB3OF90Df3lzYs1Xn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cWdrTjNaMTNDcjJBLXNyc0JBaDFZdw%3D%3D&google_push=ASkJ3FYlsTU7G0lkKnF-uQXx1B2O42JC5sFveelNLonCMgRBDTkZQzPpwdy3g9J6fRDZeB3OF90Df3lzYs1Xn1AKInjbd-eUquTj
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=cWdrTjNaMTNDcjJBLXNyc0JBaDFZdw%3D%3D&google_push=ASkJ3FYlsTU7G0lkKnF-uQXx1B2O42JC5sFveelNLonCMgRBDTkZQzPpwdy3g9J6fRDZeB3OF90Df3lzYs1Xn1AKInjbd-eUquTj
date
Wed, 16 Nov 2022 15:55:55 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 097A
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPZLkrtwYZJY8e3MmK7VZvE&google_cver=1&google_push=ASkJ3FZpnENpGa5HsCv4i6axcr9Ur-v-tltDtPxX_4CAa2xOUT5JRs5EIhEyQgiuqeicg_jj4_btw2s8lUQzco4FC9leNfBGteOc
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZpnENpGa5HsCv4i6axcr9Ur-v-tltDtPxX_4CAa2xOUT5JRs5EIhEyQgiuqeicg_jj4_btw2s8lUQzco4FC9leNfBGteOc&google_hm=DuKnKFnxzrk8VQRH4O9BMA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZpnENpGa5HsCv4i6axcr9Ur-v-tltDtPxX_4CAa2xOUT5JRs5EIhEyQgiuqeicg_jj4_btw2s8lUQzco4FC9leNfBGteOc&google_hm=DuKnKFnxzrk8VQRH4O9BMA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:54 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FZpnENpGa5HsCv4i6axcr9Ur-v-tltDtPxX_4CAa2xOUT5JRs5EIhEyQgiuqeicg_jj4_btw2s8lUQzco4FC9leNfBGteOc&google_hm=DuKnKFnxzrk8VQRH4O9BMA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
togqa2n9dcts0vnr05u01r846ps457lh
pixel
cm.g.doubleclick.net/ Frame 097A
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEN_IqjfskY-KO4DqBUMtxy0&google_cver=1&google_push=ASkJ3FZEACLQrcxXe2UIEXU7l0IMUcGFMMg7sKnP480wuYPDd1UZUwUkGPXehfiJ2cJDVhU1ZSIwsfyt9Ue7m5m15E...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTgzNDkzMTk0MzgyNDMzNjQxMTU&google_push=ASkJ3FZEACLQrcxXe2UIEXU7l0IMUcGFMMg7sKnP480wuYPDd1UZUwUkGPXehfiJ2cJDVhU1ZSIwsfyt9Ue7m5m15EFF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTgzNDkzMTk0MzgyNDMzNjQxMTU&google_push=ASkJ3FZEACLQrcxXe2UIEXU7l0IMUcGFMMg7sKnP480wuYPDd1UZUwUkGPXehfiJ2cJDVhU1ZSIwsfyt9Ue7m5m15EFF6Yiwq26w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTgzNDkzMTk0MzgyNDMzNjQxMTU&google_push=ASkJ3FZEACLQrcxXe2UIEXU7l0IMUcGFMMg7sKnP480wuYPDd1UZUwUkGPXehfiJ2cJDVhU1ZSIwsfyt9Ue7m5m15EFF6Yiwq26w
Date
Wed, 16 Nov 2022 15:55:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 097A
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESELwwdzH1sra3Q4UowpbuJnU&google_cver=1&google_push=ASkJ3FbPDayDZ31_um8YSp1Pvof3nZVfEmuVPlFgYXWDiyyiIOaGCFM2G24FIrKgJTjE7m-Gj6hvBVqnoP94P8_aX...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FbPDayDZ31_um8YSp1Pvof3nZVfEmuVPlFgYXWDiyyiIOaGCFM2G24FIrKgJTjE7m-Gj6hvBVqnoP94P8_aXWww05l3xc0Z&google_hm=AecTCrgKb0nHugQL8w6d0XI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FbPDayDZ31_um8YSp1Pvof3nZVfEmuVPlFgYXWDiyyiIOaGCFM2G24FIrKgJTjE7m-Gj6hvBVqnoP94P8_aXWww05l3xc0Z&google_hm=AecTCrgKb0nHugQL8w6d0XI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FbPDayDZ31_um8YSp1Pvof3nZVfEmuVPlFgYXWDiyyiIOaGCFM2G24FIrKgJTjE7m-Gj6hvBVqnoP94P8_aXWww05l3xc0Z&google_hm=AecTCrgKb0nHugQL8w6d0XI
Date
Wed, 16 Nov 2022 15:55:55 GMT
Server
Apache
Connection
keep-alive
Content-Length
231
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 097A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKaLAWuFzucV-jMxCScGRss&google_cver=1&google_push=ASkJ3FZYKx9FVWb6MmRAKytMfArsEMGY9buxHzh6AHHKg7pMyFp5TC2hYy4zlmoJx3g5_q_JyT4L2QveUQhsqUO3Naji5w5AETa3
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgyNDU1NTg2NTYwMTg0ODI1ODIwMQ%3D%3D&google_push=ASkJ3FZYKx9FVWb6MmRAKytMfArsEMGY9buxHzh6AHHKg7pMyFp5TC2h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgyNDU1NTg2NTYwMTg0ODI1ODIwMQ%3D%3D&google_push=ASkJ3FZYKx9FVWb6MmRAKytMfArsEMGY9buxHzh6AHHKg7pMyFp5TC2hYy4zlmoJx3g5_q_JyT4L2QveUQhsqUO3Naji5w5AETa3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzgyNDU1NTg2NTYwMTg0ODI1ODIwMQ%3D%3D&google_push=ASkJ3FZYKx9FVWb6MmRAKytMfArsEMGY9buxHzh6AHHKg7pMyFp5TC2hYy4zlmoJx3g5_q_JyT4L2QveUQhsqUO3Naji5w5AETa3
date
Wed, 16 Nov 2022 15:55:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 097A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEchoPkE_N6QL8cwhackGEA&google_cver=1&google_push=ASkJ3FZ8OiEVifiVCBjBIl8biwqYIiOW6RomgAK0Bdz8bUp14TtOgTE50poQlNE89Wy-lYt7D-...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BVHV6bkdoRTJ1SFY0T09wQTFaeUl3QjdNRFV5Qm5sMX5B&google_push=ASkJ3FZ8OiEVifiVCBjBIl8biwqYIiOW6RomgAK0Bdz8bUp14TtOgTE50...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BVHV6bkdoRTJ1SFY0T09wQTFaeUl3QjdNRFV5Qm5sMX5B&google_push=ASkJ3FZ8OiEVifiVCBjBIl8biwqYIiOW6RomgAK0Bdz8bUp14TtOgTE50poQlNE89Wy-lYt7D-ZVViiBtevlz6DgK1t2Lwdu7mkFIg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BVHV6bkdoRTJ1SFY0T09wQTFaeUl3QjdNRFV5Qm5sMX5B&google_push=ASkJ3FZ8OiEVifiVCBjBIl8biwqYIiOW6RomgAK0Bdz8bUp14TtOgTE50poQlNE89Wy-lYt7D-ZVViiBtevlz6DgK1t2Lwdu7mkFIg
date
Wed, 16 Nov 2022 15:55:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 097A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9Oqd05hTDE_kKhmg_b_FDN7VU13agFLxRG8uV6VzG9zS9U9LqwieIKWyshlODUiA8GZr6JA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095027&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150350&bpp=13&bdt=393&idt=1001&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=2&ga_vid=1152364600.1668614150&ga_sid=1668614151&ga_hid=1706757183&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070923%2C44770880&oid=2&pvsid=4255099490561129&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.etkkt8rxbycr&fsb=1&dtd=1023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame A667 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2147068560365098&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 316F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:08:01 GMT
usersync
usersync.gumgum.com/ Frame 0295 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=B9DA278A-8A84-4BF3-988A-978B8497E325
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 16 Nov 2022 15:55:54 GMT
Expires
0
Pragma
no-cache
activeview
pagead2.googlesyndication.com/pcs/ Frame 36D5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssF2VvhuinJnCQ4X8B23Vmhph1AEsqJ6xipPKUhzMYDx-prkhJlQE8BOzu2L7gblfKABxAumW3NgsBnWK5VrZ2-6adG2dcS3W1dRWX6ptlw9_YBYjVvlbpyIvDXYn7ran5nzFHXwPRcUJORLpXo0KNfxF_2q496Mw&sai=AMfl-YRfn9MTiIXKL_IN-uY7Jl05u1I14ACqSML2AyETvNxPDeH8BwkYCfcXwSVeHUAPYQIS-7BCwRozDq0a1LRbWDQQsNObH9dvCeenv4QjjOSbJleZ17b5F7MmCP4Aig&sig=Cg0ArKJSzJvW2Mn-fgBIEAE&cid=CAQSOwDq26N9XBkVlfkQHu-YsVJ7Jk6Hil5eppjiLs5DpQfvSrAxJLdgivZ51Lr_WtnskhiiKiGFyg9nQJZVGAEgEw&id=lidar2&mcvt=1007&p=300,5,900,125&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668614150801&rpt=3185&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
asia.adform.net/csimpr/ Frame 2347 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/csimpr/?bn=56367626&csi=Djg1zmjFejTCvXKv5s8sUNuDfmSzOvkro-Yc4GmGQEUJDwKV3Zer3OE9mmas7p9T5ASyYvU4KtrEisVxAqUsrN6vWmW1dlSa0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ Frame 95CF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
28ed591fd81c63bc5fe5ac4b70c4ad2b0253f94d6fd8ffffa56db6acdd2dd847
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12509
x-xss-protection
0
11240091.js
s2.adform.net/Banners/Elements/Files/2111416/11240091/ Frame 537D 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/Banners/Elements/Files/2111416/11240091/11240091.js?ADFassetID=11240091&bv=513
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8c6af3eda3fb057943991e6f4cb4b09706f6fc422de9f6fd6130347e4446493e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:55 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 23:24:13 GMT
server
nginx
x-amz-request-id
tx0000044e7d0578aa04d11-006374028f-32941e2b-default
etag
W/"e4cbd12b65e1415d73b367e76b1a6327"
x-cache-status
MISS, HIT, HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
generate_204
tpc.googlesyndication.com/ Frame 316F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-x1ocQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Adform.DHTML.js
s2.adform.net/banners/scripts/rmb/ Frame 537D 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.224/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:55 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000f0871cceaacfc80b-00635ba2ec-32941e2b-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT, HIT, HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
createjs.min.js
code.createjs.com/1.0.0/ Frame 537D 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.224/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.235.208 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-235-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:56 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Wed, 16 Nov 2022 16:10:56 GMT
css
fonts.googleapis.com/ Frame 537D 		2 KB
624 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:600&subset=latin
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.224/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
a12f64cad3e3b6dbad5d094c5ec316e18b64cbab9b4a1481e46d0afe4d707110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 15:55:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 15:55:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Nov 2022 15:55:55 GMT
index.js
s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/ Frame 537D 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/index.js
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.224/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f8c6274be8ab5d7dafd695c4683723ea43bc60fa25fa75d6834b4aabadc0cb2e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:55 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 23:24:13 GMT
server
nginx
x-amz-request-id
tx0000053c0b9c2d4c5d7df-006374028f-329373d4-default
etag
W/"29b762426bc7904813be16876d37c7f6"
x-cache-status
MISS, HIT, HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 95CF 		0
0
ptrack
a.audrte.com/ Frame 6542 		368 B
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=116.90.74.197&p=M1353665098&artime=2022-11-16T15:55:55.391Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS8xOWZjNmRhYTNhOTI2MjU2P2N0PTEmcnVpZG09MSZkdT1odHRwcyUzQSUyRiUyRmNzLm1pbnV0ZW1lZGlhLXByZWJpZC5jb20lMkZjcyUzRmFpZCUzRDIxNTA2JTI2aWQlM0QkVUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=Y3MtcnRiLm1pbnV0ZW1lZGlhLXByZWJpZC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.87.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-87-63.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
5ca3a41549401f41fd7cf7a13ec8de8f7c4312ac4932df2f4722681e25756a82

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:56 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=3870&cid=1152364600.1668614150&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1668614150&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&dt=%E8%94%A1%E5%AE%9B%E7%8F%8A%E8%AA%8D%E6%84%9B%E3%80%8C%E8%87%BA%E7%81%A3%E5%A5%B3%E8%97%9D%E4%BA%BA%E8%80%81%E5%85%AC%E3%80%8D%EF%BC%81%E3%80%80%E5%A4%B1%E5%A9%9A1%E5%B9%B4%E6%B7%AA%E5%B0%8F%E4%B8%89%E2%80%A6%E6%AD%A3%E5%AE%AE%E6%9E%97%E5%AE%B6%E7%92%9CFB%E7%8B%A0%E6%89%93%E8%87%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2347 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXdRstR6JEmgeh2rDMFRU-QwUtF4WcclV1yvMmvad6zcd5xNitbs0PFFgi29TGMq6xucmjwkaEzcM50nnTjybqqP5g&sig=Cg0ArKJSzLNj-HT8Ryn_EAE&cid=CAASFeRoUwzXueuTNEbTWhCdweNa9a_QJA&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2844491747&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668614151849&rpt=3197&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 3C53 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 537D 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 05:52:31 GMT
x-content-type-options
nosniff
age
36205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12700
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 05:52:31 GMT
Layer0.jpg
s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/ Frame 537D 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/Layer0.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
398b6ad3f27000beaa3dc741a62da981e585b46f9bb3f0c9de11cf08c7f9e30d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 15:55:56 GMT
last-modified
Sat, 28 May 2022 23:24:13 GMT
server
nginx
x-amz-request-id
tx00000aa9614341bbb2f32-0063749627-3293aae9-default
etag
"230a51b3460bd0d50f20fbd77b1e218e"
x-cache-status
MISS, HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
37583
/
ps.eyeota.net/pixel/bounce/ Frame 6542
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=d02jPelTCeJSSO9r28eX0mUSw&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=d02jPelTCeJSSO9r28eX0mUSw&gdpr=0&gdpr_consent=
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=d02jPelTCeJSSO9r28eX0mUSw&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
54.251.140.206 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Wed, 16 Nov 2022 15:55:57 GMT
Content-Length
1314
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=kh51m51&t=ajs&uid=d02jPelTCeJSSO9r28eX0mUSw&gdpr=0&gdpr_consent=
Date
Wed, 16 Nov 2022 15:55:57 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 6542
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d02jPelTCeJSSO9r28eX0mUSw&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d02jPelTCeJSSO9r28eX0mUSw&gdpr=0&gdpr_consent=&google_gid=CAESEJlFliqOWn8ISt9KMss4qkM&google_cver=1
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Server
18.210.87.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-87-63.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 15:55:57 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 16 Nov 2022 15:55:56 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
a.audrte.com/ Frame 6542
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8442255637575501824
  • https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091
  • https://a.audrte.com/match?uid=0cd6dd90-289f-4e28-8225-ce4c1ecf1e22&p=560038091
0
0
Layer51.jpg
s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/ Frame 537D 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 8F04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2147068560365098&bg=!iomlic3NAAbvMpMzzzI7ACkAdvg8Wq0UwCTO9wguGzJvvb_hYKpSjUFZPmsBQDpMc0YNho6grVd_rQIAAACZUgAAAAtoAQcKAI-0yfvBQVqfwcWBGBPtGW8ED87hbzGmI5giOkS8V2SIs2C_1EooJO-wUTzgR0_dmonXUfSvHucq7IF2Zq2p50ZTpc6OrJ6UFIRYcsYCo0QswjCPgCzeleViU3OZTr7YDmXpRhRxi9jerhZycPqg8fhQ22juKxDBSn85r_5Eg2kI3TeKAoaHdzGWRmaVXqdz-JkC7DGNU7_jgpImJKCqfeZ4rRwGPhMs0zpwfh4VTamJm_550P1XSncTokbBSJQf25aYFW8L3xAI0FfvC7ok3AazdH9BAdKBEZ2MdqIjmJuM9ZP-HPatBhWWfsXxbXFnUcPcQfZXHpquMxXrXZ_SL2_BeaMqyb1Z0GxILq2vITz75CarLYQgdWsaAfeoQGZXcp9NVRn_fNBt1ycjBcUtA1fDVOYVU2oW9KSXOt_5ecqo3pocfAnrPu1VVnejYdhnERqhHNbAgwpxUsP_3xKtyiQvTN01xG3vA4QUTxC-N7RP7_ujSRZ4JOUr04zgFRRKeuroelZlzs8XLJI-vTLZNc9fN0jfAKV0dmdgPrzLDVADF5ZejTJ6hJNAhA6K1f_1MBSX3gc5fIza7q-YSk3DChPI0yD9OHCpYS_DVkdV0R5unoxdHbYwg5fY_6YnMvw9QcRZt_JLwJHGScLyQvjlCq8eLuFCRBuAQ80Ku36AbiOv8BBvTlChl4b4aKkdV-O4gkwHidYfkrcMdBOwWN-7I5vWY1vVQFfBtjX9z4mbqfUE-JWsRyOatA3FZ5zPpVlZ5c3FULl7DenhGuTct07rh67CFLSlgzmOkKDhvH-MYuVw2ZiV3LWfm10XrTaE_YJvhd1YqnA9ZTtVN7rM9Dgng9EgnAZe5NcY2FVJFobuxMm3Qsg_0QKEa51xnMr40GeR3GobN2sn813q9iiPDzm-UXKWBMdTEJG-6pRqTlcIlgJXJYUX_rDY_MTlZ4GcC30H-Li9vux2azlAgWd7iP4CDdNrLm5TuKJJJ2xPNdABLLmudtyHlDr69ceY6889BcsnOWzhX5f6Sc0KI4rOJtiSlsaQ9D2St3yZpW0z77PRMGLTo1ce_0oAif4ykET7kwWlse88B7xM6LFaut0g_9QiWMskTHEQGuo66TuDrR5nUSbbNGJvgwx43kJC734H3JIoOvLXR_9x9ddzJg0aDto_Wb2hGryX1Fd2ajLmz-GUWpU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/cai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
asia.adform.net/serving/unload/ Frame 2347 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/serving/unload/?version=15&unload=8442255637575501824@@56367626,6716198156653618845,100|1181|0|0|0|0|0|0|0||46|1|||||1|0|0|V8acoBj0tXLxBx_RTJEBJxTZQaWQrP8WV4XS70N6uu0OneOMZxhT5vL_QlhaeLlf0|||11||0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 15:55:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=MsWwf8IHFHnZv0DRHR-J&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKNONLXOZRYJFEEMSDOLJ3DARCSJBJC2SRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DMMJUGE2TAMBZGAZTCMJWGE2TONBZG42DIMZXHE3TAMBQKYYTAJTWONUWIPJTGEYTMMJVG42DSNZUGQZTOOJXGAYDAVRRGA
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=QxzamAmPTWC3jVM_z9vS&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2ULYPJQW2QLNKBKFOQZTNJLE2X32HF3FG
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=VxIyNl3vAOXIjjM_qlT5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VTYJF4U43BTOZAU6WCJNJVE2X3RNRKDKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/7/19789?gdpr=&gdpr_consent=&us_privacy=&A=cc4de2f7-fe76-4125-8caa-605e758cd934&bidder=sovrn&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=FqV7CLZHjqU-OgFCQc6Tkmfl
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Domain
a.audrte.com
URL
https://a.audrte.com/match?uid=0cd6dd90-289f-4e28-8225-ce4c1ecf1e22&p=560038091
Domain
s2.adform.net
URL
https://s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/Layer51.jpg

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover object| ucf object| request string| paramsString function| setImmediate function| clearImmediate number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| $ undefined| jQuery function| jqAlias string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| criteo_syncframe_state boolean| noPreviewPage object| dataLayer function| gtag object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 function| quantserve function| __qc object| ezt object| _qoptions undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_reactive_ads_global_state object| google_tag_manager function| onYouTubeIframeAPIReady object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

231 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQm6-dicgwCgoIgQIQm6-dicgwCgoI4gEQm6-dicgwCgoI5gEQm6-dicgwCgoIhwIQm6-dicgwCgkICRCbr52JyDAKCQg6EJuvnYnIMAoKCIwCEJuvnYnIMAoJCF8Qm6-dicgwCgkIHxCbr52JyDA=
.aralego.com/ Name: sspid
Value: 0eab936f-e555-3ade-b0c8-6ca2d00c2fea
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: cc1343e9-dff0-40ca-ab33-66ced226b275
www.bg3.co/ Name: CFFPCKUUID
Value: 570-X3KhG7eyOpmy2LDd8OdcXVSXzMNpO4zD
.www.bg3.co/ Name: CFFPCKUUIDMAIN
Value: 693-8Hy8YUdj4rew9FuIuRJ76h7w71wD5GNk
.hinet.net/ Name: uuid
Value: f5f3f2ab-279a-42bb-bb87-e1b7945aa845
.adpushup.com/ Name: ap_uid
Value: 20b3b960-65c7-11ed-ad50-000d3aa242c0
.adpushup.com/ Name: ap_usid
Value: 20b3b961-65c7-11ed-ad50-000d3aa242c0
.holmesmind.com/ Name: Vision
Value: 20221116-23:59,20221117-02,20221117-02,20221116-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 959830-5XZkrmzYnL9UxNOrnbAr0fTswRuh1Qj7
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 0218124d-59f0-4860-80f7-801857d14877
.doubleclick.net/ Name: IDE
Value: AHWqTUmGZkfgfj3Df6TZ4uGABm5EszF4-cuP17MWjbdX_MCMnG6gMSpZK-09-x807QQ
.openx.net/ Name: i
Value: 0218124d-59f0-4860-80f7-801857d14877|1668614145
.omnitagjs.com/ Name: ayl_visitor
Value: b30aa90c280450af725a35668da26886
.rubiconproject.com/ Name: khaos
Value: LAJTS2X6-O-7T07
.teads.tv/ Name: tt_viewer
Value: 2365c019-f5d6-4640-986c-8801ef6edd5c
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwgZDUmwY4AUABSAEQgZDUmwYYAA..
.adnxs.com/ Name: uuid2
Value: 2619822817631859109
.c.appier.net/ Name: _auid
Value: qgkN3Z13Cr2A-srsBAh1Yw
.openx.net/ Name: pd
Value: v2|1668614149|jElYiuvOiahI
.bg3.co/ Name: __htid
Value: f5f3f2ab-279a-42bb-bb87-e1b7945aa845
.bg3.co/ Name: _ht_em
Value: 1
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22f881023e-14c9-45af-938b-e5624bfdf0cd%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-16T15%3A55%3A50%22%7D
.adsrvr.org/ Name: TDID
Value: 11fe43f3-fdaf-4e93-a99a-20f132d88aae
.3lift.com/ Name: tluid
Value: 3824555865601848258201
.media.net/ Name: visitor-id
Value: 3116157497443797000V10
.openx.net/ Name: univ_id
Value: 537072971|11fe43f3-fdaf-4e93-a99a-20f132d88aae|1668614149996843
.casalemedia.com/ Name: CMID
Value: Y3UIBqQdqjPD9BouCJPzsQAA
.casalemedia.com/ Name: CMPS
Value: 5332
.casalemedia.com/ Name: CMPRO
Value: 5332
.ladsp.com/ Name: cr
Value: 1
.turn.com/ Name: uid
Value: 3732945120016780590
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY4NjE0MTUwfQ
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1668614150.1.0.1668614150.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1152364600.1668614150
.ladsp.com/ Name: smn_uid
Value: wwruEJij_-tEq6f4D7neXw7--kRsKXA
.bg3.co/ Name: cto_bundle
Value: LXc9919GN2FROTNDYWw0c2JJSVVWTFpLemM4emVXTnNtcUdzSmROMG9GS2lVSUZvWUtnZkpXT1J4SzVRWHFFcXhNTExVeTV2eUpTSElvSHVPRmVoS09tUFpiJTJGSFJ2Y0dsaDk2N0pjVUh5V3paQVdRJTNE
.bg3.co/ Name: cto_bidid
Value: 2WzHLl9mSXFHbmxZZHI0dEdCdjU5SHdHMTVJeGJCZkNjczVGN3glMkI5MTZzOUlWNnBiQjVzTTlKVzl1bkJjWHlYYlptdlpEZDM4TXhhZmRVNWNsbWhxQTBKQ1FRJTNEJTNE
.bg3.co/ Name: __gpi
Value: UID=00000b7d329af514:T=1668614150:RT=1668614150:S=ALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q
.media.net/ Name: data-a
Value: 2619822817631859109~~8
.media.net/ Name: data-o
Value: 1998448b-5b77-4d77-b96e-369e8119e956~~8
.linkedin.com/ Name: li_sugr
Value: a8ab257c-0f44-4d07-bbdc-d834e408ba20
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&be67a767-5aa2-4e56-8e45-0a898391b186"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2543:u=1:x=1:i=1668614150:t=1668700550:v=2:sig=AQFoeyDOAQKEkR9JWhlXJDuhQPoxy98o"
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.a-mo.net/ Name: amuid2
Value: cc4de2f7-fe76-4125-8caa-605e758cd934
.prebid.a-mo.net/ Name: sd_amuid2
Value: cc4de2f7-fe76-4125-8caa-605e758cd934
.mathtag.com/ Name: uuid
Value: 98466375-0806-4f00-8e5d-7a4fc39ae493
.media.net/ Name: data-g
Value: CAESENhFZN186qflJV34LBaGWD8~~8
.quantserve.com/ Name: mc
Value: 63750806-cec8c-fae60-884ec
.bg3.co/ Name: __qca
Value: P0-1491399323-1668614149815
.bing.com/ Name: MUID
Value: 3D0F087078AE64270A4B1A2E7954657B
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: data-mm
Value: 98466375-0806-4f00-8e5d-7a4fc39ae493~~8
.bidswitch.net/ Name: c
Value: 1668614151
.bidswitch.net/ Name: tuuid_lu
Value: 1668614151
.servenobid.com/ Name: pid_312
Value: 2619822817631859109
.yahoo.com/ Name: A3
Value: d=AQABBAcIdWMCECtRp7heS_WNa4kqEnWSC9oFEgEBAQFZdmN-YwAAAAAA_eMAAA&S=AQAAAgBT51gqRQ28Ht1uMuz3WNM
.gumgum.com/ Name: vst
Value: a_a636cbe7-8279-4958-b890-abe0dbbf1a49
.media.net/ Name: data-ttd
Value: 11fe43f3-fdaf-4e93-a99a-20f132d88aae~~1
.company-target.com/ Name: tuuid
Value: e2681fb2-698f-4fb6-8d88-fc0850f953e6
.company-target.com/ Name: tuuid_lu
Value: 1668614151
.servenobid.com/ Name: pid_333
Value: Y3UIBqQdqjPD9BouCJPzsQAAFNQAAAIB
.minutemedia-prebid.com/ Name: wrvUserID
Value: F0BeZ0Zak_mm
.w55c.net/ Name: matchmedianet
Value: 5
.w55c.net/ Name: wfivefivec
Value: HCIqNVSG1OVkLt5
.w55c.net/ Name: matchcasale
Value: 5
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B9DA278A-8A84-4BF3-988A-978B8497E325
.bidswitch.net/ Name: tuuid
Value: 705b2411-319c-4b14-a843-22ef020a85ca
.socdm.com/ Name: SOC
Value: Y3UIB8Co8YkAAFKwnfYAAAAA
.smartadserver.com/ Name: pid
Value: 4594210909283810098
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.lijit.com/ Name: ljt_reader
Value: FqV7CLZHjqU-OgFCQc6Tkmfl
.adsymptotic.com/ Name: U
Value: f07396575e40f920f1db22ee5985d64d
.media.net/ Name: data-xu
Value: 2U41HBD41OVkLs5~~8
.w55c.net/ Name: matchpubmatic
Value: 5
.w55c.net/ Name: matchbidswitch
Value: 5
.ctnsnet.com/ Name: cid
Value: 2efa6d9d710d4719bfbe9d1fb3130b25
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.criteo.com/ Name: uid
Value: d76406e9-6013-4519-9243-ffa17fb64165
.rlcdn.com/ Name: pxrc
Value: CIeQ1JsGEgUI6EcQAA==
.servenobid.com/ Name: pid_337
Value: y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
.media.net/ Name: data-pba
Value: B9DA278A-8A84-4BF3-988A-978B8497E325~~8
.media.net/ Name: data-r
Value: LAJTS2X6-O-7T07~~1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3UIBwAIIE57jAAW
.servenobid.com/ Name: pid_317
Value: 4594210909283810098
.dyntrk.com/ Name: dyn_u
Value: 07030002_63750807f3fd6
.servenobid.com/ Name: pid_310
Value: FqV7CLZHjqU-OgFCQc6Tkmfl
.contextweb.com/ Name: V
Value: HdfX6VhaSwVQ
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 36d150549085f4dc
.servenobid.com/ Name: pid_318
Value: _de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
.sportradarserving.com/ Name: zuuid
Value: 04c0247e-e01b-4cc3-83cd-420f5cb029ca
.sportradarserving.com/ Name: c
Value: 1668614152
.sportradarserving.com/ Name: zuuid_lu
Value: 1668614152
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: deb4ef0b-d43b-5440-948c-f28df7f9fa85
.betweendigital.com/ Name: ss
Value: 1
ads.us.e-planning.net/ Name: CT
Value: 1
.rlcdn.com/ Name: rlas3
Value: 7Zf73e9uGRqlMLSNAG4MY8MIkraFKXKcFhySj1eGHQk=
.ambientdsp.com/ Name: _aGeoIp
Value: NZ-Auckland
.ambientdsp.com/ Name: _aUID
Value: xu7mybg2wp1
.bidr.io/ Name: bitoIsSecure
Value: ok
.mfadsrvr.com/ Name: c
Value: 1668614152
.mfadsrvr.com/ Name: tuuid_lu
Value: 1668614152
.zemanta.com/ Name: zuid
Value: VxIyNl3vAOXIjjM_qlT5
.quantserve.com/ Name: d
Value: ELQBDgHLJ4EO-TA
.adform.net/ Name: C
Value: 1
.bidr.io/ Name: bito
Value: AAEhN07G6hAAAB9n8RVSnQ
.bidswitch.net/ Name: google_push
Value: ASkJ3FaRJ-1iXqc9zCPar6eRScUaKvMGIcEtpq1jKA5J6CrTkLqbylM_hQhBLcJDJFnxqUIGvMN30UK49IXFQRd1CeQ0nx3UmmYuuCOk8jT4h2OKWRoexhHmUuKkw5bDQWtaYCdJSqkH1Lx8KQ6wYGk15j0
.simpli.fi/ Name: suid
Value: E547AB7B174C4CEEB075D3465A32E5D7
.ladsp.com/ Name: lum
Value: CPHAnYnIMBIFCAEQqAESBQgDEKgE
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-2efa6d9d710d4719bfbe9d1fb3130b25&KRTB&23139-2efa6d9d710d4719bfbe9d1fb3130b25&KRTB&23328-2efa6d9d710d4719bfbe9d1fb3130b25&KRTB&23427-2efa6d9d710d4719bfbe9d1fb3130b25
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y3UIBwAIIE57jAAW&KRTB&22978-Y3UIBwAIIE57jAAW&KRTB&23194-Y3UIBwAIIE57jAAW&KRTB&23209-Y3UIBwAIIE57jAAW
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-11fe43f3-fdaf-4e93-a99a-20f132d88aae&KRTB&22918-11fe43f3-fdaf-4e93-a99a-20f132d88aae&KRTB&23031-11fe43f3-fdaf-4e93-a99a-20f132d88aae
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:98466375-0806-4f00-8e5d-7a4fc39ae493&KRTB&16736-uid:98466375-0806-4f00-8e5d-7a4fc39ae493&KRTB&23019-uid:98466375-0806-4f00-8e5d-7a4fc39ae493&KRTB&23208-uid:98466375-0806-4f00-8e5d-7a4fc39ae493
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2619822817631859109&KRTB&23339-2619822817631859109
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:HCIqNVSG1OVkLt5&KRTB&23421-uid:HCIqNVSG1OVkLt5
.outbrain.com/ Name: obuid
Value: b17656bf-1ad8-464e-995e-55c991b1b82a
.betweendigital.com/ Name: ut
Value: Y3UICAANYcjHXtDpuQixK4pex5YjZAeTi3yUMw==
.33across.com/ Name: 33x_ps
Value: u%3D212030491315847%3As1%3D1668614152347%3Ats%3D1668614152347
.e-planning.net/ Name: E
Value: AOMZZHoP0mUaSIRU
.creativecdn.com/ Name: u
Value: lUNiwk7HDFS1zHnbAq8u
.creativecdn.com/ Name: ts
Value: 1668614152
.trafficroots.com/ Name: PARTNER_ID_3379
Value: ce90507737
.tribalfusion.com/ Name: ANON_ID
Value: a3nseFM0inh9PBmSUTpF1WgrvZdP1X3dgZcr1GfZdhH8GJr3X5q3IZbbkXwjNjdjZadoCVipDmZdy5K7VImI5jxmqE
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-d048e3e4-f726-324c-b4e7-cad8247aa29d
.pippio.com/ Name: did
Value: tiq_Y6l8ALefkJE6
.pippio.com/ Name: didts
Value: 1668614152
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CIiQ1JsGEgUI3k4QAA==
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-xu7mybg2wp1
.amazon-adsystem.com/ Name: ad-id
Value: A3wQ0hJptENxtzvymD1kHGM
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-qgkN3Z13Cr2A-srsBAh1Yw&KRTB&23130-qgkN3Z13Cr2A-srsBAh1Yw
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHm-udfz-8Bx-wXuBrZQYEo&KRTB&16514-CAESEHm-udfz-8Bx-wXuBrZQYEo&KRTB&23025-CAESEHm-udfz-8Bx-wXuBrZQYEo&KRTB&23386-CAESEHm-udfz-8Bx-wXuBrZQYEo
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-8kcuDvRMKQ3pF3xY_Bc0XaURLwvpTCEPoRepltCf&KRTB&19420-8kcuDvRMKQ3pF3xY_Bc0XaURLwvpTCEPoRepltCf&KRTB&22979-8kcuDvRMKQ3pF3xY_Bc0XaURLwvpTCEPoRepltCf&KRTB&23403-8kcuDvRMKQ3pF3xY_Bc0XaURLwvpTCEPoRepltCf
.servenobid.com/ Name: pid_339
Value: y-cvk6aTpE2uGU2.o17ws8yYg7MkPrd7SJDCD7qQw-~A
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.doubleclick.net/ Name: DSID
Value: NO_DATA
.admixer.net/ Name: am-uid
Value: 615cda2e756a42b0a3a43ad001103551
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:E547AB7B174C4CEEB075D3465A32E5D7
.bg3.co/ Name: __gads
Value: ID=53f3dfc5ff8051f8-22c318ba64d80011:T=1668614150:RT=1668614152:S=ALNI_MbnZchYnJjYiSglH_JMeR4ca-Z7dg
.adform.net/ Name: uid
Value: 8442255637575501824
.ctnsnet.com/ Name: gid_CAESEEQyoKeKr5ldmDCznCiOXBg
Value: 1
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1668614152
.ad-stir.com/ Name: uid
Value: 09b9dde9-74d8-44cc-a4e1-9a8158c2ef83
.ad-stir.com/ Name: d10000
Value: 705b2411-319c-4b14-a843-22ef020a85ca
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-eOQJjkANSEtOqZH-bP8om3RaSsU&KRTB&23334-eOQJjkANSEtOqZH-bP8om3RaSsU&KRTB&23417-eOQJjkANSEtOqZH-bP8om3RaSsU
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-188f12ba-dbfd-4929-63b3-9f0119446c8b.omDu2VmJXqGxYJ6NfEDZJSMDdeap6WOUWc%2FH7XhLzgY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGI8Sutv9SSljs58BGURsi3RaSsU.YvX2xPH6ssq%2B1toSUrBWScaZF5RieMH930w4R9BMh8k
.servenobid.com/ Name: pid_346
Value: ua-d048e3e4-f726-324c-b4e7-cad8247aa29d
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8442255637575501824&KRTB&23263-8442255637575501824
.mfadsrvr.com/ Name: tuuid
Value: f923dc9a-6567-4b89-a6ec-3fb9ed616181
.mfadsrvr.com/ Name: ssh
Value: !minutemedia,1668614152
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJ0yrGdCgXhq3Xrd8oPN4aCnvH7UrtnZ0H7tGMyNIE0SitzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
ads.playground.xyz/ Name: connect.sid
Value: s%3AyWHdrCSSDkSEYkgOjCJiytLFICGkGjUg.fysy8D5rhiIefFHpISjIF127MypAcDPhqgUz8tkxSVg
.mookie1.com/ Name: id
Value: 10525334544038896284
.mookie1.com/ Name: mdata
Value: 1|10525334544038896284|1668614152867
.mookie1.com/ Name: ov
Value: a17735ecf31cfd7dbf26b9a338c1a6ad
.media.net/ Name: data-mf
Value: 10bd117c-8581-4213-9501-2a374f797a90~~1
.onetag-sys.com/ Name: OTP
Value: _de8gIsRHuFd_pfGYDSOERxu3-VQR_fJHfhOVXbQf6Y
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzW0MDCyNDA0MDEztbA0shDiM9TNqEzysShJTzbwdPMDAHMdEh0lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZhZmhiaGpkaWQBAHpkf8IQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzW0MDCyNDA0MDEztbA0shDiM9TNqEzysShJTzbwdPMDAHMdEh0lAAAA
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3732945120016780590&KRTB&23150-3732945120016780590
.yieldmo.com/ Name: yieldmo_id
Value: ge2fd786148b14393a1b%7C1668614152989%7C0%7C
.servenobid.com/ Name: pid_323
Value: LAJTS2X6-O-7T07
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004%22%7D
.smartadserver.com/ Name: csync
Value: 31:705b2411-319c-4b14-a843-22ef020a85ca
.media.net/ Name: data-rk
Value: 1973209966069815918~~8
.yandex.ru/ Name: yuidss
Value: 8156287701668614153
.yandex.ru/ Name: yandexuid
Value: 8156287701668614153
.iqzone.com/ Name: iq_u_key
Value: 854752fd-7b64-4b91-afd8-ee7fb5c719d7
.iqzone.com/ Name: iq_r_key
Value: 161
.servenobid.com/ Name: pid_324
Value: 1975180290104658928
.tapad.com/ Name: TapAd_TS
Value: 1668614153429
.tapad.com/ Name: TapAd_DID
Value: 672e7c2f-6f33-41e2-a9f7-921b60972fc6
.servenobid.com/ Name: pid_309
Value: a_a636cbe7-8279-4958-b890-abe0dbbf1a49
.360yield.com/ Name: tuuid_lu
Value: 1668614153
.360yield.com/ Name: tuuid
Value: 0cd6dd90-289f-4e28-8225-ce4c1ecf1e22
.sharethrough.com/ Name: stx_user_id
Value: 1486928c-dd63-4acc-9bc7-833b807b2d20
.dotomi.com/ Name: DotomiTest
Value: 59e9d1c63e842266
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1h9m|8kt.0.1|7bq.0.1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMQiLXkAWVogM8IfPvAAAAAAA&KRTB&22713-AAAMQiLXkAWVogM8IfPvAAAAAAA&KRTB&22715-AAAMQiLXkAWVogM8IfPvAAAAAAA
.ipredictive.com/ Name: cu
Value: 921a6151-3110-4680-89a6-307395445772|1668614153982
.pubmatic.com/ Name: DPSync3
Value: 1669161600%3A248_164%7C1668643200%3A174%7C1669766400%3A245_201_197_226
.pubmatic.com/ Name: SyncRTB3
Value: 1669852800%3A35%7C1669420800%3A63%7C1669766400%3A22_99_54_233_176_247_21_5_96_214_220_204_179_231_234_238_3_165_71_7_8_13_56_107_209%7C1669161600%3A2_223_15%7C1673740800%3A69
.adform.net/ Name: TPC
Value: 1668614154202
.adotmob.com/ Name: uid
Value: 086122041975a554618cf97e
.adotmob.com/ Name: uuid
Value: 086122041975a554618cf97e
.adotmob.com/ Name: partners
Value: IX%3A1668614154120
.mookie1.com/ Name: syncdata_TAP
Value: 1
.servenobid.com/ Name: pid_316
Value: B9DA278A-8A84-4BF3-988A-978B8497E325
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2a46fe75-a550-453d-9059-3a5278f7f8a6-004%22%7D
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1668635754819
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCLKQ9ZCi_aM7EAUSFgoHcnViaWNvbhILCMjr85Ki_aM7EAUSFQoGY2FzYWxlEgsItpvxl6L9ozsQBRgBIAEoAjILCMS_iem4_aM7EAU4AVoHcnd1cTlueWAC
.analytics.yahoo.com/ Name: IDSYNC
Value: "196n~28br:198o~28br:1983~28br:18yx~28br"
.prebid.a-mo.net/ Name: _sv3_11
Value: 1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7695
.pubmatic.com/ Name: pi
Value: 161683:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 9
.semasio.net/ Name: SEUNCY
Value: CBD05330E85071D7
.bfmio.com/ Name: __106_cid
Value: 11fe43f3-fdaf-4e93-a99a-20f132d88aae
.bfmio.com/ Name: __io_cid
Value: 11fe43f3-fdaf-4e93-a99a-20f132d88aae
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 138ee71c5b50a6ec5f348ff4fac4f74a
.casalemedia.com/ Name: CMTS
Value: 4869
.c.appier.net/ Name: _gu
Value: CAESEJR2dA5uZbkxgdoHtrQYFfA
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.uncn.jp/ Name: t
Value: v_e7130ab8-0a6f-49c7-ba04-0bf30e9dd172
.agkn.com/ Name: ab
Value: 0001%3AL2JGvcqqEFOjWtpqy%2FJVs0ROVfeQQT2z
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A8349319438243364115
.servenobid.com/ Name: pid_348
Value: F0BeZ0Zak_mm
.mookie1.com/ Name: syncdata_NEU
Value: 1
.krushmedia.com/ Name: krm_usr
Value: 61fe60c6-fc2a-4731-8fdd-4a5bd65a6cdb
.krushmedia.com/ Name: krm_r
Value: 470
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.audrte.com/ Name: arcki2
Value: d02jPelTCeJSSO9r28eX0mUSw!20220908!1668614156256!ip#116.90.74.197
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-705b2411-319c-4b14-a843-22ef020a85ca
.pubmatic.com/ Name: PugT
Value: 1668614156
.pubmatic.com/ Name: SPugT
Value: 1668614156
.go.sonobi.com/ Name: __uis
Value: 5184bf1c-c6e7-4bf4-ac4a-e0d1237018c7

26 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/0f6b0cefd67b99648cb2fb5e0b9fe476.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/86eb2b9ea615508cb1902a091e573f4f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/889c303b7cac01cdd3166e8666685a04.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/12c303634911794c0d34619f4ceae117.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/dbeae2cc8ff77a4df58693e499dd6be7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/568f6fead4a24e80aad1469800d338b0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/8020d208ff4fa0f711d62222402ae6d9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202203/fdcb6de7abb68d73e5ef7ef166901526.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202109/10cb73f437d105af34fd5211a49be6c1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/938ca530357663fd5f753c634291cf40.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/4c2dc9b74a6bf183a8ee724dcd1c933d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/663c9b2170f04869eecc64d5ac21cd51.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/5085a289c5087b4a93838e6a68eb3674.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202201/b0f89624de2bfaa72aea9c034e64dde3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/39fe0591dea0f33e8d67c6ad9cf97f00.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/8b24d24bb9f71c84c9042ed7f86650d2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/f2049ca218c884f97a361b573e4d948e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/2ae423166fc2f34f8bc33e35f00787bb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/6c952786f70f004dff820f6f33a45a19.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.adpushup.com/42753/L2EvY2FpLXdhbi1zaGFuLXJlbi1haS10YWktd2FuLW51LXlpLXJlbi1sYW8tZ29uZy1zaGktaHVuLTFuaWFuLWx1bi14aWFvLXNhbi16aGVuZy1nb25nLWxpbi1qaWEtaHVhbmctZmJoZW4tZGEtbGlhbi5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://fcm.holmesmind.com/cm.php
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://fcm.holmesmind.com/cm.php
Message:
Failed to load resource: the server responded with a status of 502 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=56095024&pi=t.ma~as.3006%2F14006&w=336&lmt=1668614151&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fcai-wan-shan-ren-ai-tai-wan-nu-yi-ren-lao-gong-shi-hun-1nian-lun-xiao-san-zheng-gong-lin-jia-huang-fbhen-da-lian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668614150504&bpp=11&bdt=462&idt=1006&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&cookie=ID%3D53f3dfc5ff8051f8%3AT%3D1668614150%3AS%3DALNI_Ma8tJMNhr1Dj8W3Y-FnD_pVe2Erbw&gpic=UID%3D00000b7d329af514%3AT%3D1668614150%3ART%3D1668614150%3AS%3DALNI_MZEWYM6RFw73vIgH5WXVXk2VN_N2Q&correlator=7607862618653&frm=23&ife=1&pv=1&ga_vid=1152364600.1668614150&ga_sid=1668614152&ga_hid=1693571599&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1416&biw=1600&bih=1200&isw=336&ish=280&ifk=1331298503&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070923%2C44774606&oid=2&pvsid=2147068560365098&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nznglcqqomxr&btvi=1&fsb=1&dtd=1023
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6a7a8693510e64688d1984e88de707c8.safeframe.googlesyndication.com
a.audrte.com
a.c.appier.net
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a2b7974e99bd19c42a1ad40df3cdef0b.safeframe.googlesyndication.com
a4732.casalemedia.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.holmesmind.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.us.e-planning.net
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
asia.adform.net
b1-sindc1.zemanta.com
b1sync.zemanta.com
b4b0f54f3550d95550aa07e3c00ab93e.safeframe.googlesyndication.com
bh.contextweb.com
bi.adpushup.com
bidder.criteo.com
c.bing.com
c.holmesmind.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.holmesmind.com
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p1.ladsp.com
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
csm.as.criteo.net
csync.loopme.me
d-10192113413369493558.ampproject.net
d.adroll.com
delivery.adrecover.com
demand.trafficroots.com
dis.criteo.com
dps.jp.cinarra.com
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gocm.c.appier.net
googleads.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
i.e-planning.net
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
js.cookieless-data.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.scupio.com
ps.eyeota.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.e-planning.net
s.tribalfusion.com
s2.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.ad-stir.com
sync.adotmob.com
sync.aralego.com
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.ssp.hinet.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u-sin01.e-planning.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.audrte.com
cs.admanmedia.com
prebid.a-mo.net
s2.adform.net
stags.bluekai.com
sync.go.sonobi.com
tpc.googlesyndication.com
103.132.192.30
103.229.10.180
103.229.206.240
103.231.98.194
103.231.98.196
104.16.85.20
104.18.102.194
104.18.24.173
104.18.33.19
104.18.36.94
104.211.156.162
104.26.2.91
104.26.5.103
107.178.244.193
107.178.254.65
119.9.108.191
124.146.215.45
129.158.42.199
13.107.21.200
13.107.42.14
13.115.132.235
13.229.175.198
13.33.33.38
13.33.33.43
13.33.88.118
13.33.88.98
13.76.45.37
139.162.40.113
139.162.58.205
139.5.84.243
139.5.86.202
139.99.49.250
142.250.4.155
142.250.4.94
142.251.10.154
142.251.12.132
142.251.12.155
142.251.12.95
145.40.89.200
151.101.194.49
151.101.65.108
152.199.39.108
162.254.186.187
167.88.158.176
172.217.194.132
172.217.194.154
172.253.118.105
172.64.151.162
172.64.154.237
174.137.133.49
18.138.18.111
18.140.22.207
18.141.128.115
18.155.68.27
18.155.68.41
18.177.71.222
18.179.87.8
18.210.87.63
182.161.73.129
182.161.73.132
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.28.235.208
185.183.112.148
185.184.8.90
185.84.60.23
185.84.60.30
185.84.60.57
195.5.165.20
198.206.157.241
198.8.71.130
20.212.157.225
202.131.200.84
203.195.121.141
203.75.214.136
209.191.163.208
209.191.163.210
210.59.219.181
213.180.204.90
23.106.127.52
23.106.127.53
23.106.69.72
23.108.101.160
23.108.103.8
23.15.148.136
23.195.152.23
23.195.153.54
23.23.180.179
23.40.32.206
3.113.228.209
3.114.40.184
3.228.33.18
34.102.253.54
34.107.148.139
34.199.170.64
34.95.67.231
34.96.119.68
34.96.71.22
34.98.64.218
35.156.8.143
35.186.193.173
35.186.253.211
35.190.60.146
35.201.76.93
35.213.117.18
35.213.12.39
35.213.93.179
35.214.223.115
35.227.202.26
35.230.38.116
35.244.159.8
35.71.178.8
37.157.4.23
38.133.127.159
38.91.45.7
42.99.140.144
42.99.140.200
44.240.78.82
50.116.239.135
51.15.145.115
52.192.208.41
52.205.53.251
52.222.144.13
52.223.40.198
52.46.130.91
52.74.118.249
52.74.13.196
52.74.74.2
52.76.242.203
52.76.94.174
54.199.9.21
54.208.133.106
54.228.225.243
54.238.120.71
54.239.38.253
54.251.140.206
54.255.22.33
54.255.40.83
54.84.45.215
64.120.110.136
64.120.110.137
64.120.88.131
64.202.112.95
67.199.150.82
67.199.150.85
67.202.105.23
68.67.179.153
68.67.181.211
69.16.175.42
69.173.144.165
69.173.158.64
69.173.158.65
72.34.250.75
74.118.186.44
74.125.200.94
74.125.200.97
74.125.24.102
74.125.24.156
74.125.24.157
74.125.68.94
74.214.196.131
8.2.110.134
8.2.111.13
8.43.72.98
84.17.37.44
89.207.22.73
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
012cceab1ce0a16b512fd12589580c6fbe263f1fd4ff69806a8dbc135cac5fff
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
03c4a1f49717bc4d5e766008fdcd359f0a7ea72eafb05bd0eaa53061ff5a5484
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0829f0bec070bc3be18699b31af784f50c9a1ba519fbcceea2a943f22445f3e9
08e134da8552a28d0118116ca5db7cb23b5a19960a989f864d15fd41aeafc99a
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e
0f57ea9f5f29b9656718ef9be86c181337417ba1344d50c7528549d9612cb4b0
107728d167373806ea160ecdd67ac67ca6cf824f2d660c63af29cfd9fd6fbebc
1188f1fdb99a80cb9fb8a4117abb79ea301cadbdb0e00f2a14b94972f8507502
11fc6c67c988bbe028cdcb1dddb6c99014ccdca2cee29efd835288caf8539996
14a15b9b179931b3755be7f019111567562bc0a808f2919740f70b2841f4b6ba
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
173fb93323bf2f9333e071b24ea18121e5d402f0addc06cb4885c679943c2f7f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a44ed70b0044bcfb598bb712e06e03e225d04cabe7751235612bf44243474d8
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c16121d60f96440cc5ff1422d5be34f5a03927d91da40818be4d160eb967b7c
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
1e4d882ca81a2ce1630e24189b783018b9b8ba14153f87a92862010cf662a618
2026ef4257b0142c5eb892e5f548c6a7ada42f909d7fe27c9a8ae84dd9a5fb5c
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
28ed591fd81c63bc5fe5ac4b70c4ad2b0253f94d6fd8ffffa56db6acdd2dd847
29d366523891287dbebb8df15b3603b9472e47000ae63ad749508a16b060b5d4
2a718206c0a1374a552cfc99914e66bd6db9620789c5fda397f269f22129ea1b
2a8f21b1f9df7cf87c83463b52b33907feea6556eec0d0a674ba70b4da3d7609
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33bcaaa35a2ba107eeedb9d3bea5c83f42a44067e50c02a651f997efd000fa91
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
398b6ad3f27000beaa3dc741a62da981e585b46f9bb3f0c9de11cf08c7f9e30d
3cfafee28766282303cae247fe7b71bc3878724932d23059ce051476da7dd5e1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d859ca2e5e177d51e6b174decf32bd73427ccec4d1426e99d3e1d559efa17f
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e
43c6e854328f5a8851cfa362424cdc8b96965448d4359c051c0973208662886b
4613bb4f7d48662c9e73eab55b9472acf5297f231427a56b2e7d5f05c9ee7d2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ffabdd418bd0cbd0e0fbac9e7b30b46610565f95cad648b7b1edae0d359e77
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49750f175b3c7cf88b048b32de78eb481a0c89323d2f106ff5074f5078ad4659
4a19c329e8dd04f09ed8f699d06c6b0dbae69ffd6eb7a9f1f2e6a53b0ad92c5a
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4d7c43af356b9ba3a6a83a3e0b1842cb0d742a976c4fc46061b923c9774063
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5004bd622b5180f3ec1d4cdfa52104b601f6d18703e01a1b54acdde70dfa25ad
51c4f2cf0148b740f4713c5ed14c5e70f6efaa72bfbbe75f3cecc00be1bc2959
51ea63533ada918dc8595d04b77e0249c4144a65f8c819061d8f76bc0bd07985
5303f4149f866caa98d2b4fda82b827695160a53f89071c1b1eb33ac350aef5a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
59137467b97878a05285b5b6ccb9a0e0d0b3453b550ddbb712b220a53e26fb5f
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
5b67d33d90734fdc30d0a920c4de85ae0dfa1e3192e49c81b675dface0c11373
5ca3a41549401f41fd7cf7a13ec8de8f7c4312ac4932df2f4722681e25756a82
5d62b7e48d4569f97e16e5bd4d3249fa9bcc2f5a5f4b22036e779f59478783ff
5f3732c568ff129dfa2aa4349d5339128c0af4935fa125ca1482bf52c0dbe3ba
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62480a29805346f20d8c43f7eeac1f0364f1071c706ca1a93ea4b5e12b91a308
633b5e9411b1b53c04f0e4d698d1425ef66f89127c08596fc38402d510cc53d9
637c4bb2adc3df8cba2337b294af87e3b032c5da379e153a0038cc6ce5b075e6
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7b0c45fbd6eb19f2f12aec8168b7d2b852824bc0b9fa9f875d021ddf65c59d4b
7fdaa8146df6c4763e0d72e2983c245e49cc6e7ddbfd02b12c70cd0d88018013
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
814ee475a65ce4eb43748833478b05fcfca94039476fba20496dfd81e8cdb4b2
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839ae361d476afc38b42db367a9d014371e2eb9bd444cb089608b0de69cf1dbe
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
8784c9c9b992cce5fdabc30c9661fc996867ec8c30d6e1d4a7f5c10f0f4c8f2a
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
87f8018b7eae35a6ed27d2a22ed677bfb0e6cf6ba08175147aaf3f333dc9ae7b
8891087773f2889e09fade7d47139b145c017cf1b0292c2851a996f899c60a21
890198226d0fa2755e670f66e533d7d78e52eca75788b2023029ad6407ad4664
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b1fe3a55d0d5698f9573a1a0248177c9a899dcb14179cae60486deb0160abb7
8b271e06b650cd8579cbb12aff74c3bd4a8d8829203badc08782ccdbe82df7e9
8b7b3af39bc9c88790f0b2548a96f1055e5654837612f82ae31230f3ff044131
8c6af3eda3fb057943991e6f4cb4b09706f6fc422de9f6fd6130347e4446493e
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
9256dfa37b5408e5afb69de454f5565bfc956454e527642a0031b0d3bb665e7d
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92b9646d115a2701bdade38eec86f060a608a51c5b246696eb3c8dcea969aeeb
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
9580af945dc04915b9dfe249304d2b3658bc07159b5d2180a42899eb336946e4
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
9927102df2201fc874f17c1f14acf83e1a1c0a30ead07171d243de89a769f908
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9dc3360157645659f353dda1fb2589f378f7e0dff833359687e11761a8d27307
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a12f64cad3e3b6dbad5d094c5ec316e18b64cbab9b4a1481e46d0afe4d707110
a2e9e49c4274c951632bc67b534ddf2f482b7caf58fa0891fa9b28ea6eb3c409
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a515795368da20708b7d71fb05939d8da243774b50aab2662af4e763c766bf26
a694aa56811f0d9a09cf498af9bee57ff1d5912e00e52a70465913eaf9ba9ced
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ac707c6fab6f4e57042633c9cce6c4043de3d126bce05ca50ba91573f4546dcc
ad7c97d0824ccf62431f9e88ab6e42557ad60c05948e58e115b17a13fa9dd10e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4759bb4f7feb87cdfa4b36b4fe2754a54224629226f76df1287a5873c1176af
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc
bc6a23cb6ada4636d9f0bce6e99a841e38e6608c3f9c9600e873156950c93f4f
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c1e1b8b2727caf44d68d149dad5705d591bb20c1367dacca2b72dcf39b261a29
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c438cb1f8aa555c781008f562f92be5a7e79e1a47f13d2a9fcadde7a979c76db
c72ccbea57494b8d7e7bb4f11fc17e3ca16bcc3a739413b29dde29e31d9ab2ab
c7a8a9a950a4985bda817f570c10c46b689b2c020d722f0ec55267c5ac11cdbf
cb5efa4b0884641a0d91aa466b7f20cac5d1a7766bede4d8eba6a3bd69ea5fda
cbfaf0dd189b92c3477cb5ef2a5519ae7861dc9aa33f68e5a899724c8a9519da
cc06378f7cf62ee00854c62ecbe2ca12959c523f9e1feb07f481180e8b93f56f
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf97289315e560dda99c804304e1f360563e3661a6c8333f380599d3f5284aaa
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d3eb4ba7978b0c89ef74df200f23f3fd1f4eddc5889a9976cdb9aebef14ec67e
d431fba1bbba599775a1137cc450ad5d4e128326c6b67e94b46ac1453a746773
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d887047bec7bcec47e47aa0e7f6bd2e9c8c80a9e79e4fc6855c64cad57b634b1
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
db8d4f3193eee53830a7af5c0ec3f7a7cfa4519811dbf9a1137a9d89569eaab8
dbbabf3ef675209739bd2785e7899e6b0b38b55f64e3ae493c92bc736f4006fa
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df5621c62860958cd84bd6fd151e357b4ba3f7a222cabf9a23d4d7268ae2629d
df8f82c5e57971760b55b9015c958bc497ba21e1a92aaf2a10519683f00f5ad2
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
e19d670aaac134ca36b150c5da12150cafc76fe5ae6a832a4d8cfebbd1cab6fd
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9
e6f6ef1fdde23e9e426b78ca97dd6a096df4ac2a95f0aeeab31945344b134d7b
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
f1f3e60a70188f05c0c3f4ef5b2e445f6531c71e627c28b8671b3e4e1878b96a
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f407277179ec4eb22ad93ee875e53af0588c93774bafa55ac14a14279c467dbf
f416e3b81b7df190069367d7884eeb43263c29b07cc44d6f1c1fb8554f55577b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f77e31b3fe6b0efdd40c819cfbfdb34ac7f9e112c790f8dd607edad49e85b06d
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f8c6274be8ab5d7dafd695c4683723ea43bc60fa25fa75d6834b4aabadc0cb2e
f8ff3509e9d7c54af090bbf350f3266392d7f0db2cb2aa5f0ef65c639c931ddd
f9d1eae3f5ee9cac0cc63ba3e1ea00c13fde67a9af803414f78e2253e3076670
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fb8d595b88eed1edd2e7179c8e50be37945cf2d9895801317d22bbab738c869f
fbd455f1c72d34c76950219ae787ffd73c7a62ae2ef598f427d6f2e3eb784a7c
fd54712cf519615729e309e07e8a0456742d9076c2120d79e44595947930f62c
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e