urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Submission: On December 04 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 11 countries across 106 domains to perform 516 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 79876.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 74.125.24.132 15169 (GOOGLE)
1 3 209.58.171.197 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
3 64.120.88.131 133752 (LEASEWEB-...)
2 69.16.175.10 20446 (STACKPATH...)
23 172.67.72.16 13335 (CLOUDFLAR...)
30 142.251.10.156 15169 (GOOGLE)
13 74.125.130.155 15169 (GOOGLE)
2 142.250.4.97 15169 (GOOGLE)
3 142.251.10.139 15169 (GOOGLE)
3 52.183.162.69 8075 (MICROSOFT...)
7 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
8 142.251.12.157 15169 (GOOGLE)
1 74.125.68.94 15169 (GOOGLE)
5 74.125.24.155 15169 (GOOGLE)
7 74.125.68.156 15169 (GOOGLE)
2 5 103.229.10.247 16509 (AMAZON-02)
1 104.16.85.20 13335 (CLOUDFLAR...)
1 104.83.197.63 16625 (AKAMAI-AS)
7 10 104.254.151.69 29990 (ASN-APPNEX)
4 21 51.79.234.101 16276 (OVH)
1 54.254.167.239 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 182.161.73.145 55569 (CRITEO-AS...)
1 145.40.88.5 54825 (PACKET)
9 35.244.159.8 15169 (GOOGLE)
3 54.238.104.137 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
15 54.75.59.39 16509 (AMAZON-02)
2 104.18.33.19 13335 (CLOUDFLAR...)
1 52.32.7.184 16509 (AMAZON-02)
1 35.213.117.18 15169 (GOOGLE)
2 182.161.74.19 55569 (CRITEO-AS...)
2 182.161.73.148 55569 (CRITEO-AS...)
1 35 172.253.118.132 15169 (GOOGLE)
5 142.251.12.155 15169 (GOOGLE)
1 23.108.101.160 59253 (LEASEWEB-...)
2 8 185.84.60.23 198622 (ADFORM)
23 182.161.73.129 55569 (CRITEO-AS...)
2 182.161.73.132 55569 (CRITEO-AS...)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 8 172.217.194.147 15169 (GOOGLE)
11 182.161.73.135 55569 (CRITEO-AS...)
5 182.161.73.142 55569 (CRITEO-AS...)
7 185.84.60.57 198622 (ADFORM)
1 13.33.33.127 16509 (AMAZON-02)
1 1 202.232.238.37 2497 (IIJ Inter...)
18 38 74.125.200.155 15169 (GOOGLE)
1 202.233.84.1 131957 (MICROAD M...)
1 1 31.220.27.135 39572 (ADVANCEDH...)
2 5 67.199.150.81 3257 (GTT-BACKB...)
15 15 74.118.186.44 26120 (RHYTHMONE)
1 1 35.77.144.188 16509 (AMAZON-02)
1 182.22.31.252 23816 (YAHOO Yah...)
3 74.125.24.95 15169 (GOOGLE)
8 74.125.24.94 15169 (GOOGLE)
2 172.253.118.100 15169 (GOOGLE)
1 172.217.194.101 15169 (GOOGLE)
1 42.99.140.170 4637 (ASN-TELST...)
9 11 50.116.239.135 6336 (TURN-US-ASN)
9 9 103.229.205.243 30419 (MEDIAMATH...)
15 16 52.223.40.198 16509 (AMAZON-02)
4 6 87.250.250.90 13238 (YANDEX)
3 182.161.73.136 55569 (CRITEO-AS...)
1 65.8.66.24 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
12 104.83.196.24 16625 (AKAMAI-AS)
3 11 184.31.5.52 16625 (AKAMAI-AS)
2 104.18.36.94 13335 (CLOUDFLAR...)
3 10 52.223.2.229 16509 (AMAZON-02)
3 3 124.146.215.50 2514 (INFOSPHER...)
2 2 13.33.88.32 16509 (AMAZON-02)
2 3 34.98.64.218 396982 (GOOGLE-CL...)
2 6 172.64.154.237 13335 (CLOUDFLAR...)
1 2 69.173.144.139 26667 (RUBICONPR...)
8 13 69.173.158.64 26667 (RUBICONPR...)
1 2 23.106.127.52 59253 (LEASEWEB-...)
3 5 35.190.60.146 15169 (GOOGLE)
5 11 52.46.130.91 16509 (AMAZON-02)
20 32 103.231.98.197 62713 (AS-PUBMATIC)
9 10 52.74.13.196 16509 (AMAZON-02)
16 17 35.213.12.39 15169 (GOOGLE)
2 2 198.8.71.131 54312 (ROCKETFUEL)
4 23.44.0.196 16625 (AKAMAI-AS)
2 184.25.248.23 16625 (AKAMAI-AS)
2 2 18.139.36.230 16509 (AMAZON-02)
2 2 182.161.73.146 55569 (CRITEO-AS...)
5 8 54.255.4.206 16509 (AMAZON-02)
1 54.199.9.21 ()
6 6 70.42.32.127 ()
3 3 23.73.13.201 ()
2 2 3.126.154.37 ()
2 3.92.104.91 ()
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.102.194 ()
3 3 35.227.202.26 ()
3 4 107.178.244.193 ()
1 1 18.155.68.41 ()
1 13.107.21.200 8068 (MICROSOFT...)
2 3 52.95.125.22 ()
1 52.198.52.64 16509 (AMAZON-02)
1 2 23.106.127.53 59253 (LEASEWEB-...)
1 13.33.88.48 16509 (AMAZON-02)
2 2 209.191.163.208 32475 (SINGLEHOP...)
2 2 209.191.163.209 32475 (SINGLEHOP...)
1 11 139.5.84.243 ()
7 7 104.254.151.36 29990 (ASN-APPNEX)
2 2 13.114.67.130 ()
6 6 151.101.130.49 54113 (FASTLY)
4 4 54.237.254.37 ()
28 35 103.231.98.194 ()
7 67.199.150.85 ()
2 2 35.213.93.179 ()
2 5 67.199.150.86 ()
1 1 18.138.18.111 ()
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
2 2 34.83.125.63 ()
1 3 23.106.127.38 ()
1 1 35.172.92.2 ()
1 23.73.13.34 ()
1 18.136.159.66 ()
1 21 54.238.120.71 ()
2 2 51.68.39.188 ()
1 1 74.214.196.131 ()
3 4 66.225.223.191 ()
3 3 185.184.8.90 ()
1 1 34.200.120.154 ()
1 150.136.25.38 ()
2 38.91.45.7 ()
2 2 54.151.240.183 ()
1 1 20.127.253.7 ()
2 2 162.19.138.83 ()
1 1 69.173.151.100 ()
22 22 89.207.22.108 ()
2 202.131.200.84 ()
2 4 35.186.193.173 ()
4 4 34.102.253.54 ()
2 13.115.132.235 ()
1 3.1.14.27 ()
1 2 104.18.24.173 ()
1 195.5.165.20 ()
1 1 35.214.223.115 ()
1 2 119.9.108.191 ()
1 2 46.137.212.121 ()
1 1 139.162.58.205 ()
516 112
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
9729d5087ff818b0b79a62ce4bdbce37.safeframe.googlesyndication.com
e2dd83f92ede647e34b862d5f3015f49.safeframe.googlesyndication.com
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
23    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
30    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
pagead2.googlesyndication.com
13    74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net
securepubads.g.doubleclick.net
2    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
3    142.251.10.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f139.1e100.net
www.google-analytics.com
3    52.183.162.69 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
7    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
8    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
adservice.google.com
partner.googleadservices.com
1    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
d-7704976793518555037.ampproject.net
5    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
adservice.google.co.nz
7    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
googleads.g.doubleclick.net
5    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    104.83.197.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com
a.teads.tv
10    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
21    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
1    54.254.167.239 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-167-239.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
9    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
3    54.238.104.137 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-104-137.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
15    54.75.59.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    52.32.7.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-7-184.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
2    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
2    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
35    172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net
tpc.googlesyndication.com
5    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
www.googletagservices.com
1    23.108.101.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
b1-sindc1.zemanta.com
8    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
asia.adform.net
c1.adform.net
23    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    172.217.194.147 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f147.1e100.net
www.google.com
11    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
5    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
7    185.84.60.57 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
1    13.33.33.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-127.sin2.r.cloudfront.net
rules.quantcount.com
1    202.232.238.37 (Itabashi-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
38    74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net
cm.g.doubleclick.net
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
5    67.199.150.81 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
15    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    35.77.144.188 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-77-144-188.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    182.22.31.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
cksync.yahoo.co.jp
3    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
fonts.googleapis.com
8    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.gstatic.com
fonts.gstatic.com
2    172.253.118.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f100.1e100.net
encrypted-tbn0.gstatic.com
1    172.217.194.101 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f101.1e100.net
encrypted-tbn3.gstatic.com
1    42.99.140.170 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-170.pacnet.net
code.createjs.com
11    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
9    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
16    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    87.250.250.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    65.8.66.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-66-24.yvr50.r.cloudfront.net
public.servenobid.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
12    104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
11    184.31.5.52 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-5-52.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
2    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
10    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
3    124.146.215.50 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.33.88.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-32.sin2.r.cloudfront.net
cr-p3.ladsp.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
jp-u.openx.net
us-u.openx.net
6    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
13    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
5    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
11    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
32    103.231.98.197 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
10    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
17    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    23.44.0.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-0-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    184.25.248.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-248-23.deploy.static.akamaitechnologies.com
cs.media.net
2    18.139.36.230 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-36-230.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
8    54.255.4.206 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-4-206.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    54.199.9.21 (None, )

ASN- ()
sync.ad-stir.com
6    70.42.32.127 (None, )

ASN- ()
b1sync.zemanta.com
3    23.73.13.201 (None, )

ASN- ()
stags.bluekai.com
2    3.126.154.37 (None, )

ASN- ()
rtb.mfadsrvr.com
2    3.92.104.91 (None, )

ASN- ()
cs.emxdgt.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.102.194 (None, )

ASN- ()
p.adsymptotic.com
3    35.227.202.26 (None, )

ASN- ()
odr.mookie1.com
4    107.178.244.193 (None, )

ASN- ()
pixel.tapad.com
1    18.155.68.41 (None, )

ASN- ()
aa.agkn.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    52.95.125.22 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    52.198.52.64 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-52-64.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
2    23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
1    13.33.88.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-48.sin2.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
2    209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
2    209.191.163.209 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
11    139.5.84.243 (None, )

ASN- ()
dsum-sec.casalemedia.com
7    104.254.151.36 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
2    13.114.67.130 (None, )

ASN- ()
match.prod.bidr.io
6    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    54.237.254.37 (None, )

ASN- ()
sync.srv.stackadapt.com
35    103.231.98.194 (None, )

ASN- ()
simage2.pubmatic.com
7    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
2    35.213.93.179 (None, )

ASN- ()
a.sportradarserving.com
5    67.199.150.86 (None, )

ASN- ()
image2.pubmatic.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
2    34.83.125.63 (None, )

ASN- ()
um.simpli.fi
3    23.106.127.38 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    35.172.92.2 (None, )

ASN- ()
a.audrte.com
1    23.73.13.34 (None, )

ASN- ()
sync.teads.tv
1    18.136.159.66 (None, )

ASN- ()
match.sharethrough.com
21    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
2    51.68.39.188 (None, )

ASN- ()
dsp.nrich.ai
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
4    66.225.223.191 (None, )

ASN- ()
sync.outbrain.com
3    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    34.200.120.154 (None, )

ASN- ()
sync.ipredictive.com
1    150.136.25.38 (None, )

ASN- ()
sync.technoratimedia.com
2    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
2    54.151.240.183 (None, )

ASN- ()
ad.360yield.com
1    20.127.253.7 (None, )

ASN- ()
sync.inmobi.com
2    162.19.138.83 (None, )

ASN- ()
id5-sync.com
1    69.173.151.100 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
22    89.207.22.108 (None, )

ASN- ()
pubmatic-match.dotomi.com
2    202.131.200.84 (None, )

ASN- ()
sync-dsp.ad-m.asia
4    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
4    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
2    13.115.132.235 (None, )

ASN- ()
dps.jp.cinarra.com
1    3.1.14.27 (None, )

ASN- ()
cm.adgrx.com
2    104.18.24.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    35.214.223.115 (None, )

ASN- ()
csync.loopme.me
2    119.9.108.191 (None, )

ASN- ()
uipglob.semasio.net
2    46.137.212.121 (None, )

ASN- ()
sync.crwdcntrl.net
1    139.162.58.205 (None, )

ASN- ()
gocm.c.appier.net
Apex Domain
Subdomains		 Transfer
88 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 734
image8.pubmatic.com — Cisco Umbrella Rank: 661
ads.pubmatic.com — Cisco Umbrella Rank: 533
simage2.pubmatic.com
image4.pubmatic.com
image2.pubmatic.com
simage4.pubmatic.com
53 KB
71 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
9729d5087ff818b0b79a62ce4bdbce37.safeframe.googlesyndication.com
e2dd83f92ede647e34b862d5f3015f49.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
653 KB
58 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
571 KB
39 criteo.net
static.criteo.net — Cisco Umbrella Rank: 675
pix.as.criteo.net — Cisco Umbrella Rank: 13963
csm.as.criteo.net — Cisco Umbrella Rank: 13661
398 KB
31 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1059
fastlane.rubiconproject.com — Cisco Umbrella Rank: 498
eus.rubiconproject.com — Cisco Umbrella Rank: 587
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2379
pixel.rubiconproject.com — Cisco Umbrella Rank: 351
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1032
token.rubiconproject.com — Cisco Umbrella Rank: 615
pixel-us-east.rubiconproject.com
55 KB
24 bg3.co
www.bg3.co — Cisco Umbrella Rank: 79876
static.bg3.co
17 KB
22 dotomi.com
pubmatic-match.dotomi.com
8 KB
22 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1425
usersync.gumgum.com
7 KB
21 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 847
9 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467
dsum-sec.casalemedia.com
15 KB
18 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 317
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
7 KB
18 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1023
x.bidswitch.net — Cisco Umbrella Rank: 322
8 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
acdn.adnxs.com — Cisco Umbrella Rank: 627
secure.adnxs.com — Cisco Umbrella Rank: 486
33 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 364
9 KB
16 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1908
public.servenobid.com — Cisco Umbrella Rank: 3832
9 KB
16 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16173
aplogger.adpushup.com — Cisco Umbrella Rank: 17878
e3.adpushup.com — Cisco Umbrella Rank: 17576
campaign.adpushup.com — Cisco Umbrella Rank: 30447
235 KB
15 adform.net
asia.adform.net — Cisco Umbrella Rank: 42946
s2.adform.net — Cisco Umbrella Rank: 5169
c1.adform.net — Cisco Umbrella Rank: 718
cm.adform.net Failed
159 KB
15 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
contextual.media.net — Cisco Umbrella Rank: 600
cs.media.net — Cisco Umbrella Rank: 1474
19 KB
14 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 302
aax-eu.amazon-adsystem.com
9 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 87
www.google.com — Cisco Umbrella Rank: 2
5 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 14638
u.openx.net — Cisco Umbrella Rank: 738
us-u.openx.net — Cisco Umbrella Rank: 468
jp-u.openx.net — Cisco Umbrella Rank: 8371
7 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 17617
ads.as.criteo.com — Cisco Umbrella Rank: 13366
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 13989
gum.criteo.com — Cisco Umbrella Rank: 429
dis.criteo.com — Cisco Umbrella Rank: 752
104 KB
11 turn.com
ad.turn.com — Cisco Umbrella Rank: 936
r.turn.com — Cisco Umbrella Rank: 3843
5 KB
11 gstatic.com
www.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
fonts.gstatic.com
201 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 562
eb2.3lift.com — Cisco Umbrella Rank: 404
5 KB
10 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 550
7 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 378
217 KB
9 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 509
5 KB
7 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2152
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1001
rtb-csync.smartadserver.com
3 KB
7 zemanta.com
b1-sindc1.zemanta.com — Cisco Umbrella Rank: 43745
b1sync.zemanta.com
4 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 638
2 KB
6 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3803
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27903
sync.aralego.com — Cisco Umbrella Rank: 3630
4 KB
5 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 608
idsync.rlcdn.com — Cisco Umbrella Rank: 392
922 B
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1124
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
238 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1113
pixel.quantserve.com — Cisco Umbrella Rank: 729
cms.quantserve.com — Cisco Umbrella Rank: 721
11 KB
5 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 121207
1 KB
4 playground.xyz
ads.playground.xyz
80 B
4 ctnsnet.com
ipac.ctnsnet.com
756 B
4 outbrain.com
sync.outbrain.com
1 KB
4 stackadapt.com
sync.srv.stackadapt.com
2 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1000
ap.lijit.com — Cisco Umbrella Rank: 635
2 KB
4 tapad.com
pixel.tapad.com
934 B
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 10945
46 KB
3 creativecdn.com
creativecdn.com
1 KB
3 mookie1.com
odr.mookie1.com
806 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 458
1 KB
3 bluekai.com
stags.bluekai.com
2 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1052
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 38
519 B
2 crwdcntrl.net
sync.crwdcntrl.net
855 B
2 semasio.net
uipglob.semasio.net
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 cinarra.com
dps.jp.cinarra.com
440 B
2 ad-m.asia
sync-dsp.ad-m.asia
486 B
2 id5-sync.com
id5-sync.com
3 KB
2 360yield.com
ad.360yield.com
623 B
2 deepintent.com
match.deepintent.com
83 B
2 nrich.ai
dsp.nrich.ai
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 pippio.com
pippio.com
717 B
2 sportradarserving.com
a.sportradarserving.com
960 B
2 bidr.io
match.prod.bidr.io
1 KB
2 adsymptotic.com
p.adsymptotic.com
478 B
2 emxdgt.com
cs.emxdgt.com
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 886
2 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 887
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 23013
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 653
cdn.indexww.com — Cisco Umbrella Rank: 1673
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 242
10 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1457
sync.teads.tv
674 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 942
1006 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 759
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 18180
10 KB
1 appier.net
gocm.c.appier.net
394 B
1 loopme.me
csync.loopme.me
245 B
1 iprom.net
core.iprom.net
277 B
1 adgrx.com
cm.adgrx.com
230 B
1 inmobi.com
sync.inmobi.com
619 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 contextweb.com
bh.contextweb.com
664 B
1 sharethrough.com
match.sharethrough.com
279 B
1 audrte.com
a.audrte.com
655 B
1 linksynergy.com
tags.rd.linksynergy.com
391 B
1 ambientdsp.com
cm.ambientdsp.com
652 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 3822
719 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 296
669 B
1 agkn.com
aa.agkn.com
672 B
1 ad-stir.com
sync.ad-stir.com
355 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1435
63 KB
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 4682
619 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3980
460 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10955
334 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 5067
641 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 70416
716 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1022
632 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3896
518 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1033
167 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 435
2 KB
1 ampproject.net
d-7704976793518555037.ampproject.net
0 sonobi.com Failed
sync.go.sonobi.com Failed
516 106
Domain Requested by
38 cm.g.doubleclick.net 18 redirects www.bg3.co
googleads.g.doubleclick.net
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
u.openx.net
onetag-sys.com
eb2.3lift.com
g2.gumgum.com
35 simage2.pubmatic.com 28 redirects ads.pubmatic.com
www.bg3.co
public.servenobid.com
35 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
32 image8.pubmatic.com 20 redirects onetag-sys.com
public.servenobid.com
ads.pubmatic.com
www.bg3.co
30 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
www.googletagservices.com
23 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
www.bg3.co
23 static.bg3.co www.bg3.co
22 pubmatic-match.dotomi.com 22 redirects
21 usersync.gumgum.com 1 redirects g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
21 onetag-sys.com 4 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
ads.pubmatic.com
17 x.bidswitch.net 16 redirects onetag-sys.com
16 match.adsrvr.org 15 redirects cdn.adpushup.com
15 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
ads.pubmatic.com
ssbsync.smartadserver.com
g2.gumgum.com
eus.rubiconproject.com
cs-rtb.minutemedia-prebid.com
13 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
12 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
11 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
11 s.amazon-adsystem.com 5 redirects onetag-sys.com
eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
11 pix.as.criteo.net ads.as.criteo.com
10 ups.analytics.yahoo.com 9 redirects onetag-sys.com
10 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
10 sync.1rx.io 10 redirects
10 ib.adnxs.com 7 redirects cdn.adpushup.com
acdn.adnxs.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 pixel.rubiconproject.com 4 redirects onetag-sys.com
www.bg3.co
9 sync.mathtag.com 9 redirects
9 ad.turn.com 9 redirects
8 pr-bh.ybp.yahoo.com 5 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
8 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
8 www.google.com 1 redirects tpc.googlesyndication.com
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
7 secure.adnxs.com 7 redirects
7 fonts.gstatic.com fonts.googleapis.com
7 s2.adform.net asia.adform.net
s2.adform.net
www.bg3.co
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
www.bg3.co
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
7 e3.adpushup.com www.bg3.co
6 sync-tm.everesttech.net 6 redirects
6 b1sync.zemanta.com 6 redirects
6 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
6 an.yandex.ru 4 redirects www.bg3.co
6 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 image2.pubmatic.com 2 redirects ads.pubmatic.com
5 us-u.openx.net 2 redirects u.openx.net
5 sync.targeting.unrulymedia.com 5 redirects
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 csm.as.criteo.net ads.as.criteo.com
5 asia.adform.net googleads.g.doubleclick.net
s2.adform.net
5 www.googletagservices.com googleads.g.doubleclick.net
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
5 adservice.google.co.nz securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 ads.playground.xyz 4 redirects
4 ipac.ctnsnet.com 2 redirects ads.pubmatic.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 image4.pubmatic.com onetag-sys.com
ads.pubmatic.com
4 sync.srv.stackadapt.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 pixel.tapad.com 3 redirects www.bg3.co
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 simage4.pubmatic.com ads.pubmatic.com
3 creativecdn.com 3 redirects
3 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 odr.mookie1.com 3 redirects
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 stags.bluekai.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 id.rlcdn.com 2 redirects onetag-sys.com
3 tg.socdm.com 3 redirects
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 cms.quantserve.com 2 redirects 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
3 fonts.googleapis.com 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
s2.adform.net
tpc.googlesyndication.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 aplogger.adpushup.com www.bg3.co
cdn.adpushup.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 sync.crwdcntrl.net 1 redirects www.bg3.co
2 uipglob.semasio.net 1 redirects www.bg3.co
2 dps.jp.cinarra.com ads.pubmatic.com
2 sync-dsp.ad-m.asia ads.pubmatic.com
2 id5-sync.com 2 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com g2.gumgum.com
ads.pubmatic.com
2 dsp.nrich.ai 2 redirects
2 um.simpli.fi 2 redirects
2 pippio.com 2 redirects
2 idsync.rlcdn.com 1 redirects ads.pubmatic.com
2 a.sportradarserving.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 ap.lijit.com 2 redirects
2 ce.lijit.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 2 redirects
2 pm.w55c.net 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 r.turn.com www.bg3.co
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
2 encrypted-tbn0.gstatic.com 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
2 cdnjs.cloudflare.com ads.as.criteo.com
2 cat.sg1.as.criteo.com ads.as.criteo.com
2 ads.as.criteo.com googleads.g.doubleclick.net
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
2 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
2 htlb.casalemedia.com cdn.adpushup.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 gocm.c.appier.net 1 redirects
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 sync.inmobi.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 bh.contextweb.com 1 redirects
1 match.sharethrough.com ssbsync.smartadserver.com
1 sync.teads.tv ssbsync.smartadserver.com
1 a.audrte.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 aa.agkn.com 1 redirects
1 sync.ad-stir.com contextual.media.net
1 u.openx.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 code.createjs.com s2.adform.net
1 encrypted-tbn3.gstatic.com 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
1 www.gstatic.com 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
1 pixel.quantserve.com www.bg3.co
1 cksync.yahoo.co.jp googleads.g.doubleclick.net
1 cc.adingo.jp 1 redirects
1 s.uuidksinc.net 1 redirects
1 aid.send.microad.jp googleads.g.doubleclick.net
1 sync.fout.jp 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 b1-sindc1.zemanta.com www.bg3.co
1 grid.bidswitch.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid.a-mo.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 e2dd83f92ede647e34b862d5f3015f49.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 9729d5087ff818b0b79a62ce4bdbce37.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-7704976793518555037.ampproject.net cdn.ampproject.org
1 campaign.adpushup.com www.bg3.co
1 www.bg3.co
0 cm.adform.net Failed ads.pubmatic.com
www.bg3.co
0 sync.go.sonobi.com Failed public.servenobid.com
516 170

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cdn.adpushup.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2022-11-04 -
2023-12-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh

This page contains 93 frames:

Primary Page: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Frame ID: A6AF1411DA373AF9E07EE451FEF0F27B
Requests: 103 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 97299E197E7507CD13015B644C17F97A
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 3E40801E635EEE746A6D791764B54429
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 652B7CDF3A584995E65AB53F5D50655C
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: B06D1E630D40B2D1305F5F5A61E634FF
Requests: 9 HTTP requests in this frame

Frame: https://9729d5087ff818b0b79a62ce4bdbce37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4B8683D5804A763B372C063E94439FCD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670444&bpp=13&bdt=1912&idt=1671&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=2&ga_vid=58647860.1670177672&ga_sid=1670177672&ga_hid=704215445&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2728&biw=1600&bih=1200&isw=336&ish=280&ifk=2645147040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44769305&oid=2&pvsid=1260793036798672&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.entewpu2fqze&btvi=1&fsb=1&dtd=1688
Frame ID: E25646A102E6DD76098C758B02D76272
Requests: 7 HTTP requests in this frame

Frame: https://e2dd83f92ede647e34b862d5f3015f49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2ED7439DD47D7D49D2662DEE4A5944DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670624&bpp=11&bdt=2108&idt=1739&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=1&ga_vid=899201855.1670177672&ga_sid=1670177672&ga_hid=886574681&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=314711376&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C31070993%2C44770881%2C31070950&oid=2&pvsid=2769677050538043&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.atvdsnn5y3sc&fsb=1&dtd=1756
Frame ID: 4645E3077A36CB0670F1EB3C6BE0D499
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-6301175252022345295&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3129&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=224003931&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&ga_hid=3931&dt=1670177671933&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&bdt=4747&dtd=651&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: D66AFCAA26EFB0D523E0AFD9FAF6FFBF
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: F43C9E1EA41D48624467988BDBAA7CA1
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cj4hXiOOMY9THMZncogPc9JLwCvbU1-NtnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBO0BT9AaFC_jbWUi06y-4Q-mTk_2IJAwGLETcamnEL2A--xUstLp3q0tlkcMmV59fI1ZORirqkMg_9NiUYkdylYsis_RbBJqwEKfolaG0q25BFBrxZU1AXj8PMuCqWxJi78CudtAE7mh5KP8ru8F9sjMq3DfjslFnr5CdQN6DRjXjtnQ3zye_KudbrivBHw2NI0KE6tPp9Ab9piPVy44Fe-UB7V9YYIzbho1kqtpm-TME-rn0MXSfB2HOOp2xQ1HhfI7xJJKgaQbI3axXNleKInMyZNSZE9kD0WX3FoCj-KDt_VtJwaePKucABKwQLcXgAbM6Iunp5jN9CigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=KSn3jixoUtA&uach_m=[UACH]&cid=CAQSKQDq26N9OGcPzQlLoD1gC022CbmO1L1V8ZrMFh8fWAcrzgfKKGQ-GFy8GAEgEw
Frame ID: C42700DD045BFBE177ACC46EFA5B31E9
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EBB55AC8143F8AA2BB03A32049F69515
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5DEA95151E0994318E826FC02C3A715E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9950EDED89061C5F8B260572F7F85B4B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A9D667C41B280FE8C236D5BA2AF3569
Requests: 2 HTTP requests in this frame

Frame: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E1CCD65690ADA36507042BC31F5CDBE9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 19FA803289054DC0355D090F25756A20
Requests: 9 HTTP requests in this frame

Frame: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A7D5E0C8B4ED79564246F885A8AA07DE
Requests: 18 HTTP requests in this frame

Frame: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BF3EC9D505D4A5CCE461DFBB0072AD2A
Requests: 9 HTTP requests in this frame

Frame: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BAED35899D6BEAAD576D6EBF3A1A2032
Requests: 10 HTTP requests in this frame

Frame: https://s2.adform.net/Banners/Elements/Files/2111416/11240091/11240091.js?ADFassetID=11240091&bv=513
Frame ID: 0E1D6B0856F6365EC6E1787F8969C349
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html
Frame ID: 41275F3DC9C9F734FE9B52CB9EBAFC5A
Requests: 14 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 865C9B405A606C5E7809A0AA47D33B44
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 983585447A887F215751902E089AE7BA
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF414269C6D9A234028A2CAAF688D1B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05E065846AC4AC3BA4EFFC542510FA2C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CD8B13F9C56448627BC0F5DE01801524
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DD229CA4ABA9748B10A3BCA58A379C0A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D89DF7494DB68383D3BA4F47652E59A9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B6120367F055E3B88803F5B6EF8A8FB1
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 740E19515A5B98FAEC7948774E9D4D2F
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6DBC5B5DC3153A66C2FE907C6849AB0B
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: C87A22100735D17B3FE7EFF1A1137341
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 11F014FAFF5C277B03F131392650FB8B
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CFD0BD3287670D23C10F3FFDDC0A1FC6
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: DEEC1A9A13E02AEE57FC3295A79EEFE6
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E10DBF487A2742084DBE6A65512FC1F8
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670177674244
Frame ID: D053FCFB3D7D49924701A7DF9CE4CE80
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: D731A2E2101E3C6A559F4E0DA6648FF4
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 5AB134056571DDB67D7F6EF2F2CAAB7F
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3131792787444237000V10&type=rkt&refUrl=&vid=01776786713131792787444237000V10&ovsid=2018245963232033260
Frame ID: 564906E4F3846498C3E8D66148CE55E3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Frame ID: 69D040DD039D959FAC971B4C95BC6F3C
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 1A0B1E51495606E236887E2501E845F6
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 38836866E572351ED10A9CFAF9336889
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: E73D02B2FE4B48B482675D65E8D9DDBB
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: DBF8FC8ED3D47ECB77679B2BA174BBD9
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 4B1606C6EC972F02309DF6C0B6504F60
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 2F8DFD6DF40A449E293C4B66C5CCDF95
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 0FB84485B9A6BAC0F8E74C440BC1FF52
Requests: 11 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 961B7A2ABA5083D8AD4A1B0FCBAF681C
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
Frame ID: 2E80CF5418F524BFC8B13CF10B9964D2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
Frame ID: 6C8648DDB07B47022C3D40A2BF46E140
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
Frame ID: BCAD20E41DDBFB24FEADCD83708CFDD9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3700458788663942794&gdpr=0&gdpr_consent=
Frame ID: D04D002DC639053599B9FC6B15C5D002
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bwKRTTwCkU10VZEaYQGESj8DzEx0CZ1Pbwe1PUzF
Frame ID: 1F6FB31D04918887E390FECA42BBBB22
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
Frame ID: 9ECBCE3F6032AAC73B84BBF8964CDA4E
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Frame ID: 1AC43A55F1BD40AC23A19098D95579FF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-ae56chnSFmRosxJyE9VPX5JXNIjgcWXAiZxhe2WIFw
Frame ID: 2661A5C5453D3B332ACB6ED892F986C6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 290F4E5D604FE90399FBF7CA5D123F04
Requests: 6 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=3ea8a45f-fb97-4242-9f77-edee9e665fde
Frame ID: 0CEDF915D7B125E54D9253EF7EEF6324
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
Frame ID: A0466806BC6AEA32CE66C3C009141BE5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y4zjkAABhdNxYwAp&gdpr=0&gdpr_consent=&_test=Y4zjkAABhdNxYwAp
Frame ID: B18ED58700D56D6FA26EEC9B38B42769
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81M2Q0ODdlNi01MWVhLTRhZjUtOTQzMC1lMmRjYzQ3M2IwN2I=&gdpr=0&gdpr_consent=
Frame ID: C7F01C673EDBF04EBEA45715D87C0F23
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: DF88A724313192FB1EE231A1735FF10F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y4zjj8Co8YUAACxoEI0AAAAA
Frame ID: FA8D546C2F9E519D740766C4B34B8D37
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y4zjjkds2i99yIN7uy-JFAAA%264759
Frame ID: 24F88F844F7450DEE2CB646FAC974F87
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=MuyQSg9OpBV9E088Gb5u&pi=gumgum&tc=1
Frame ID: B5871E895AB2BF34FF6A692F85DEED4D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: B485A26BD76CA94A080D6606B2B11453
Requests: 3 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID
Frame ID: 8416966681A863FC7F2C80D3DAA12F9C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 22594CD9AA00B8EFBB33CBCA016F404E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID
Frame ID: 08A484EDEBB754ADC3FCC8B7164DD8A1
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 54D447A4C28E5F9E86C9DB44AFF17904
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: A63F86A80F911EB16C06205124B9F98C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: B78B4337775FC06082FAAC7142BC2851
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Frame ID: 1542B86CA07D964FA87E3AE657DFE7C1
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID
Frame ID: 73D7FCAF7EEDCD8D0A2F387D7CB0458F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
Frame ID: 3CD1DD1D2E94108677C709810A42CFCA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 659D09B64B3A4E00616CBD62F70393C3
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 54C63A2F53461A9BD308A1892A4FB2B1
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3F6B8293E2D15B5A41D69DA47A5DBC15
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 280B5187A78F436E8BBEB8C5553E6510
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 81F2BE84D411F54E8E0B93A4F44FC023
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 216649CA24F0567DBCE74FD0E9692410
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=pba&refUrl=&vid=01776786713131792787444237000V10&ovsid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Frame ID: C7A2CD0B46F0BA4AB0C2D5FB67DC5DC4
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 37FDA85255108D65C5A8FB3E3908A1A6
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: D12D604A00BA4297B3F9F6AB80BB8206
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 40AA43CE97E2CC838C167EF7E37E719D
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 995A8D079B880BB8508195C96B63FE0E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 1FC2634D24C939942A883FDD8335CA42
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 80A595A0A3A83C920260D34965F6DC6D
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Frame ID: 02884D2552133B208D6D06BD14AC08AC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Frame ID: C172689F5322FF01D86AAA755F1EB1B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

華佗穀神醫採藥 山泉孕育娃娃魚 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

516
Requests

74 %
HTTPS

0 %
IPv6

106
Domains

170
Subdomains

112
IPs

11
Countries

3280 kB
Transfer

8392 kB
Size

118
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 180
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEL3PhijXD7a9g5iQqBxjalc&google_cver=1&google_push=ASkJ3FYnOebX9TUFzMd_fgwT7rIfkDtXdW8kU2vC_lGQPLeTJzLkkDLFTfAgHZuepX7u5a7vG2nsT0QB8eaMEEYGbKdPsCzoBwVE73V_GiF7A4ltJZ53liIr96x7e-YFJUKBV61lSZTomZdOXd2XQcfLnIg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYnOebX9TUFzMd_fgwT7rIfkDtXdW8kU2vC_lGQPLeTJzLkkDLFTfAgHZuepX7u5a7vG2nsT0QB8eaMEEYGbKdPsCzoBwVE73V_GiF7A4ltJZ53liIr96x7e-YFJUKBV61lSZTomZdOXd2XQcfLnIg&google_hm=S2NQeXF0bmY2YmFxajlwaVZzSzltZFhfMEg0&from_google=pc1
Request Chain 182
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESENbUwdAY6In6SXwP0mSL3D8&c_param1=ASkJ3FYh-qfXXFzQ-6NR3JTFPS-WYpkZtyS6OgVpXZMuyRUv2LCRvp7Zygb3Bd2zlk3vKekVpajH8nfhEN5EBDgcaPjfNSCeq_0GtbU9cgie29QwofyxwjvzzYtclNifXKpcn0vhGZqoheyqAdeTS5rfKDA&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FYh-qfXXFzQ-6NR3JTFPS-WYpkZtyS6OgVpXZMuyRUv2LCRvp7Zygb3Bd2zlk3vKekVpajH8nfhEN5EBDgcaPjfNSCeq_0GtbU9cgie29QwofyxwjvzzYtclNifXKpcn0vhGZqoheyqAdeTS5rfKDA
Request Chain 183
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC7YtOhgLz50ZU4PBTGb-IU&google_cver=1&google_push=ASkJ3FYmjwFjyd4VqvZJhLbSCYs84Yh26WOTtxVkIvyUx37l0oSAJ8tomkp7fo5-KKIrUDoAkrlM_IUv6lWz6gJtmyamxqPtoMJXPrewlwFTQClE_NdRbA_-aj281TEgsu1yLcN8LLRj9-gXYwIoVxMMquM HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC7YtOhgLz50ZU4PBTGb-IU&google_cver=1&google_push=ASkJ3FYmjwFjyd4VqvZJhLbSCYs84Yh26WOTtxVkIvyUx37l0oSAJ8tomkp7fo5-KKIrUDoAkrlM_IUv6lWz6gJtmyamxqPtoMJXPrewlwFTQClE_NdRbA_-aj281TEgsu1yLcN8LLRj9-gXYwIoVxMMquM&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=C-gw5d0mS_i-b9lmSE-3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYmjwFjyd4VqvZJhLbSCYs84Yh26WOTtxVkIvyUx37l0oSAJ8tomkp7fo5-KKIrUDoAkrlM_IUv6lWz6gJtmyamxqPtoMJXPrewlwFTQClE_NdRbA_-aj281TEgsu1yLcN8LLRj9-gXYwIoVxMMquM
Request Chain 184
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKaVDZuzc2UGPO7jk1Qh1pI&google_cver=1&google_push=ASkJ3FYIpND2OvWPJMMZ9Yj0j3efv1E3MxbmWKBLaqFNIDgOMpKhO2GQ7o0I2S1Rt19Eykcs9KoBO_pXMRQzA5oMYUtwqp4t5co6Sj40_2ZBgS_sY0sUonBIynMAPj4cZQJu9aj-JxCmbc9AqBMYIRC9TQ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FYIpND2OvWPJMMZ9Yj0j3efv1E3MxbmWKBLaqFNIDgOMpKhO2GQ7o0I2S1Rt19Eykcs9KoBO_pXMRQzA5oMYUtwqp4t5co6Sj40_2ZBgS_sY0sUonBIynMAPj4cZQJu9aj-JxCmbc9AqBMYIRC9TQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1670177677203 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FYIpND2OvWPJMMZ9Yj0j3efv1E3MxbmWKBLaqFNIDgOMpKhO2GQ7o0I2S1Rt19Eykcs9KoBO_pXMRQzA5oMYUtwqp4t5co6Sj40_2ZBgS_sY0sUonBIynMAPj4cZQJu9aj-JxCmbc9AqBMYIRC9TQ%26google_hm%3DBCxLhM_sAk_viMPf3hZ2bHM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYIpND2OvWPJMMZ9Yj0j3efv1E3MxbmWKBLaqFNIDgOMpKhO2GQ7o0I2S1Rt19Eykcs9KoBO_pXMRQzA5oMYUtwqp4t5co6Sj40_2ZBgS_sY0sUonBIynMAPj4cZQJu9aj-JxCmbc9AqBMYIRC9TQ&google_hm=BCxLhM_sAk_viMPf3hZ2bHM
Request Chain 185
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEPCJSOdqeN2OeuJJ090Lzo8&google_cver=1&google_push=ASkJ3FZa7q3U1RN1YieTXoCY9GuaYS64EZVNaLxFGaTbkAUHqAlM2QTJFeArHaxEVUKNPqLf1BbidzqKv7UhplD790oXQGVxFtOcpi4yq_MJj65m_a7cF_DzOO5n6Ki-Stf4nwCbn1KzjQdGfIQ2LidN7w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZa7q3U1RN1YieTXoCY9GuaYS64EZVNaLxFGaTbkAUHqAlM2QTJFeArHaxEVUKNPqLf1BbidzqKv7UhplD790oXQGVxFtOcpi4yq_MJj65m_a7cF_DzOO5n6Ki-Stf4nwCbn1KzjQdGfIQ2LidN7w&google_hm=dc800114418eeeea635954311d0cf3bb
Request Chain 208
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA6YPz4AEQsAkYsAkyCPHV65REjbm3 HTTP 301
  • https://tpc.googlesyndication.com/simgad/13168193170346685158
Request Chain 228
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1&google_push=ASkJ3FYC0Et1XlS_xGycs8olUuSfw6yhfviFM6elJySxGd6EymJ1-bAwjQcNnvvzVjIDyy7izTVOAfpQPduMZ-xOyDHkWDInrTiEEv85v5A0v-RJmzQdXW-E_zbGHkfCea9WIHWm7uZtPfWV16RR6YDnuIY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgwMjM5NTM5NTExNjU3NDQ4Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1
Request Chain 230
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPWzrz175wY0WqQSrIjRXGM&google_cver=1&google_push=ASkJ3Fb0oM2hoEpZGYZst3707Qz_JC0Mh6id5BY5TtpLg-bTSDvsYtjP-eDH5zvTLGWcl7k-nvAk42YjAQvLUnWFLzPCOoYv6I4c9a8biHgT2Lmmj2_hZcPFRYiHcoODm5S8qJzaPDtDPkngX4Fsr5ZnV5o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3Fb0oM2hoEpZGYZst3707Qz_JC0Mh6id5BY5TtpLg-bTSDvsYtjP-eDH5zvTLGWcl7k-nvAk42YjAQvLUnWFLzPCOoYv6I4c9a8biHgT2Lmmj2_hZcPFRYiHcoODm5S8qJzaPDtDPkngX4Fsr5ZnV5o
Request Chain 231
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPW4FrxHwhzqNFAK3j34-XM&google_cver=1&google_push=ASkJ3FZnh3h8tZlAnZN525OuQMxBmjP_C9tlD49loHXMDBdyRfKHz_eXJBsxKu470GE5s29P1juwMiSPS9F3FS1E7Yd-FV6T4r1QTiYt-Ia4Dr1RiYhd-n2rUUk1qdlLYbMyvO6tj1_vkTw7ngp_Z7BsSA HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPW4FrxHwhzqNFAK3j34-XM&google_cver=1&google_push=ASkJ3FZnh3h8tZlAnZN525OuQMxBmjP_C9tlD49loHXMDBdyRfKHz_eXJBsxKu470GE5s29P1juwMiSPS9F3FS1E7Yd-FV6T4r1QTiYt-Ia4Dr1RiYhd-n2rUUk1qdlLYbMyvO6tj1_vkTw7ngp_Z7BsSA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=M2VhOGE0NWYtZmI5Ny00MjQyLTlmNzctZWRlZTllNjY1ZmRl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3ea8a45f-fb97-4242-9f77-edee9e665fde
Request Chain 232
  • https://an.yandex.ru/mapuid/google/CAESEO6b7LeAJPEiNGcocW4YHxM?ext-param=ASkJ3Fab88LMGyno4B_YzQa1dIQBnRv1tSrY5_m4IycHZrU4T04h9iO_MEkvXH4GXxbq20jWL2IpJavXcTRs9bs4iV0xiKAo9PQWaLoRIariQdKFKDw703Ffw2FG1C5mlbpCTrgqYiaD2gOkMauC2k6t371O&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEO6b7LeAJPEiNGcocW4YHxM?redir-setuniq=1&ext-param=ASkJ3Fab88LMGyno4B_YzQa1dIQBnRv1tSrY5_m4IycHZrU4T04h9iO_MEkvXH4GXxbq20jWL2IpJavXcTRs9bs4iV0xiKAo9PQWaLoRIariQdKFKDw703Ffw2FG1C5mlbpCTrgqYiaD2gOkMauC2k6t371O&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEO6b7LeAJPEiNGcocW4YHxM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 270
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1&google_push=ASkJ3FYN0c-f4ql2nGFhvofj_9QSjbR17154V90vy9G43XgCwTFZdlWHSdoUNrHMYK3jkB0AwX_AVSZB0wAwGhHYa_eQTxBquNCIYIdCHDPmMZuzX1ejy3x49MmyMvqHhW6J1gvZr2KWDaeWyG6Zc4xLQKM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg3NDQ1Mjk4OTE1NDUwMjQyMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1
Request Chain 271
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELgptLtCCRH6pMrK7bmq6LQ&google_cver=1&google_push=ASkJ3FbW35hkfjalC0iPmLifd3xm7nBaH5WmtFC3jkQ0z9cwK7cTcbGgGkKPgQpsflwRFXmijx7RGbyP7annu-MUpCNu0cZCGDgb1OoAnyOQQNK-lYoNm1nrvcFxX8dH2dNS4pEkVNHrv41mQK1Kh3ugnw HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FbW35hkfjalC0iPmLifd3xm7nBaH5WmtFC3jkQ0z9cwK7cTcbGgGkKPgQpsflwRFXmijx7RGbyP7annu-MUpCNu0cZCGDgb1OoAnyOQQNK-lYoNm1nrvcFxX8dH2dNS4pEkVNHrv41mQK1Kh3ugnw&google_hm=RYa2mc46-H4tBjLHPK73Ew
Request Chain 272
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPWzrz175wY0WqQSrIjRXGM&google_cver=1&google_push=ASkJ3FZdqCYOhzsYiJqBgtlgFO6K2m4sCnbAmaD17H1Xm5BdYipxkUUShGFkG9LIlBz4yWKYbVnurNoSx7OmDoJONNpge1jzDE6GQbyfUvvMg3QVu6YvrMo0xW4AYamPk1oLP11QSP8E0VtW2UFPOcR_QGk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZdqCYOhzsYiJqBgtlgFO6K2m4sCnbAmaD17H1Xm5BdYipxkUUShGFkG9LIlBz4yWKYbVnurNoSx7OmDoJONNpge1jzDE6GQbyfUvvMg3QVu6YvrMo0xW4AYamPk1oLP11QSP8E0VtW2UFPOcR_QGk
Request Chain 273
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPW4FrxHwhzqNFAK3j34-XM&google_cver=1&google_push=ASkJ3Fah8W_aotQZyKN53Frmoi1hycY5lrrgyt95PBGxAPwDWXLiNcNpgdBGgM9wuzDaDyeQV2NAY_g3K8ohpq7rVxjtP6Eujy6ofzxhySJvBNts0IiB4Bk_iJJxOf9VGYNGp8jC4413X7-EE8NgNxktNWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=M2VhOGE0NWYtZmI5Ny00MjQyLTlmNzctZWRlZTllNjY1ZmRl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3ea8a45f-fb97-4242-9f77-edee9e665fde
Request Chain 274
  • https://an.yandex.ru/mapuid/google/CAESEO6b7LeAJPEiNGcocW4YHxM?ext-param=ASkJ3FZbC9tO6_17yJL9_BFZqayf0BIrec8HQqTLc5NdUarUh_i02Wab3uSijFnSAeGLL_2PFobYuRw_D8f3GpW97Q86vxVFAySn0ytKSQdBJfTFSI7LM5uelem4FNEmMcU6vvWkg4syPnIlYg7NPjCJupYb&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEO6b7LeAJPEiNGcocW4YHxM?redir-setuniq=1&ext-param=ASkJ3FZbC9tO6_17yJL9_BFZqayf0BIrec8HQqTLc5NdUarUh_i02Wab3uSijFnSAeGLL_2PFobYuRw_D8f3GpW97Q86vxVFAySn0ytKSQdBJfTFSI7LM5uelem4FNEmMcU6vvWkg4syPnIlYg7NPjCJupYb&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEO6b7LeAJPEiNGcocW4YHxM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 284
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 298
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 301
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 302
  • https://match.adsrvr.org/track/cmf/openx?oxid=e3b45ea3-6e74-763d-fb74-7ec42c4eeda3&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3ea8a45f-fb97-4242-9f77-edee9e665fde&ttd_puid=e3b45ea3-6e74-763d-fb74-7ec42c4eeda3&gdpr=0&gdpr_consent=
Request Chain 303
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4zjjsCo8YUAACxoEFwAAAAA
Request Chain 304
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab-ZLNodMjRvks8ADx3mbK5pPM8AAAGE3ljnCQ
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECs5LexOjWhwyub2RWQAE80&google_cver=1
Request Chain 308
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 309
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=1&gdpr_consent=
Request Chain 311
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3700458788663942794
Request Chain 313
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhN5Y5MZLioaoM8jmYwHcZl9ifR0Mswt1cQ
Request Chain 315
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCI7Hs5wGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 316
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WG3Ska0RULyXUihgHs2FXfzEZhERr_PnKznniR3StNU
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEIkyRzO5hGlNOtzg8EGOi8&google_cver=1
Request Chain 320
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
Request Chain 329
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 330
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Drkt%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3131792787444237000V10&type=rkt&refUrl=&vid=01776786713131792787444237000V10&ovsid=2018245963232033260
Request Chain 332
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dapx%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=apx&refUrl=&vid=01776786713131792787444237000V10&ovsid=3700458788663942794
Request Chain 333
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dopx%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3131792787444237000V10&type=opx&refUrl=&vid=01776786713131792787444237000V10&ovsid=2b98373c-c574-4cdd-983b-00aa9ea17f7f
Request Chain 334
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dmma%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=mma&refUrl=&vid=01776786713131792787444237000V10&ovsid=daf4638c-e38e-4b00-8db6-4d838e163c4b
Request Chain 335
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dr1%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7585734676 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3ea8a45f-fb97-4242-9f77-edee9e665fde HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dr1%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DRX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=r1&refUrl=&vid=01776786713131792787444237000V10&ovsid=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzEzMTc5Mjc4NzQ0NDIzNzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEObxUmh_eNTiRFUJI8vXuzI&google_cver=1
Request Chain 337
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Ddxu%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Ddxu%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=dxu&refUrl=&vid=01776786713131792787444237000V10&ovsid=Tdc03r9i1P1TvF5
Request Chain 338
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b21b56d-c1a1-4a1f-8780-aef1ae259053
Request Chain 339
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-42TPcC5E2pmSVKeeenFQFo2b3CuDnhAhPCMT0g--~A&expires=5 HTTP 302
  • https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=2e000137-6586-4b0e-9d6d-a85959af6d31
Request Chain 340
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dzem%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=dQSB6Rymc0PHw7Hp5C4U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEKFJUENSSPFWWGMCQJB3TOSDQGVBTIVJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDCNZXGY3TQNRXGEZTCMZRG44TENZYG42DINBSGM3TAMBQKYYTAJTWONUWIPJTGEZTCNZZGI3TQNZUGQ2DEMZXGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEKFJUENSSPFWWGMCQJB3TOSDQGVBTIVJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDCNZXGY3TQNRXGEZTCMZRG44TENZYG42DINBSGM3TAMBQKYYTAJTWONUWIPJTGEZTCNZZGI3TQNZUGQ2DEMZXGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=dQSB6Rymc0PHw7Hp5C4U&refUrl=&type=zem&vid=01776786713131792787444237000V10&vsid=3131792787444237000V10
Request Chain 341
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3131792787444237000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3131792787444237000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=2cfe49d9-60db-483f-b8dc-183d0afd5314&cs=1
Request Chain 343
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3ea8a45f-fb97-4242-9f77-edee9e665fde
Request Chain 345
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=3ea8a45f-fb97-4242-9f77-edee9e665fde&dongle=0cfd
Request Chain 346
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4NjMxMzI4Nzg2OTI2ODQ0NjY5 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFg9zRSAU5hRCNUpFFiCcKc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 348
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4NjMxMzI4Nzg2OTI2ODQ0NjY5
Request Chain 349
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=368631328786926844669&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=368631328786926844669&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d3784b89-8532-493d-b74b-278a5bc9d2eb&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d3784b89-8532-493d-b74b-278a5bc9d2eb&_noobservation=1&_expected_cookie=202d55cccf644ad9b51ba3a5272add37
Request Chain 350
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=368631328786926844669&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=368631328786926844669&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=71c90ea8-9191-43c8-8e03-5d77a2350f23&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522942008261660637&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522942008261660637&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=8700f9b8-eabc-43bd-848e-c6d58f04707b&ssp=triplelift&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522942008261660637&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209270804355005565780&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522942008261660637&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=2e000137-6586-4b0e-9d6d-a85959af6d31&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 351
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/368631328786926844669?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-gzV.z.5E2oQmNqiElSa7APZuOFlXbw.CQQIEQzV48w--~A&dongle=0883
Request Chain 352
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=368631328786926844669 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=368631328786926844669&dcc=t
Request Chain 354
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3700458788663942794&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi65O8AMp3VEgSizjPXSAU&google_cver=1
Request Chain 357
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI5T05YQlMtMTQtMVFHTg==
Request Chain 358
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/w_tFNtmdoefsJiAWKd-FPsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-N0PSaDJE2oJ8C5eUDXbMOvIz1rvgZ.hSl9YmMw--~A
Request Chain 359
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=&expires=30
Request Chain 360
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB9ONXBS-14-1QGN
Request Chain 361
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzMyMDFiNWZmZjFmYTdiM2RlYjEwODVkZTI0N2MwMmZlMzEzNzg5Yw
Request Chain 362
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bFJiSe7pRv6mxPQSDQv0sA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bFJiSe7pRv6mxPQSDQv0sA
Request Chain 363
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Q_iapaKzSxiximba7RHdvw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Q_iapaKzSxiximba7RHdvw
Request Chain 368
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 371
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3700458788663942794
Request Chain 372
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FwtGDLZH9CmTBwadRIG9QCOx
Request Chain 373
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FwtGDLZH9CmTBwadRIG9QCOx
Request Chain 374
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4273112221 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3ea8a45f-fb97-4242-9f77-edee9e665fde HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
Request Chain 375
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=2018245963232033270
Request Chain 377
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F28434%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=1&gdpr_consent=&us_privacy=1YN-&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYQASIEMVlOLSrtAWh0dHBzOi8vcHJlYmlkLmEtbW8ubmV0L2NjaGFpbi8wLzI4NDM0P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTk1YmQxZWU1LTM2ZTEtNDM1MS1iMzBhLTZlODM5ZWM5OWY1NiZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLTBjNWE3OTgwLWE5MjctM2UyNC1hZGEzLWRlMDAxZWEyZTA4NjICEho4AQ==
Request Chain 378
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
Request Chain 379
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYyAgYaOAE=%26buyeruid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%3D&uid=Y4zjjkds2i99yIN7uy-JFAAA%264759 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/cchain/3/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=triplelift&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%3D&uid=368631328786926844669 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F4%252F12688%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253D95bd1ee5-36e1-4351-b30a-6e839ec99f56%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%25253D%2526uid%253D%2523PMUID HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2e000137-6586-4b0e-9d6d-a85959af6d31&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522942008261660637&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=8700f9b8-eabc-43bd-848e-c6d58f04707b&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522942008261660637&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209270804355005565780&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522942008261660637&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 380
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
Request Chain 381
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4zjjkds2i99yIN7uy-JFAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELZx0vd5spCrICJhTg9H_So&google_cver=1
Request Chain 382
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&dcc=t
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPxooqaFnKvvKnuVIARJ4nk&google_cver=1
Request Chain 384
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3ea8a45f-fb97-4242-9f77-edee9e665fde&expiration=1672769679&gdpr=0&gdpr_consent=
Request Chain 385
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3700458788663942794
Request Chain 386
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB
Request Chain 387
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAQYuU7HGccAACFj_xQ1lw&expiration=1671387280
Request Chain 388
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=xyKVUnlL_2B8q4v5FiU5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26DZJNLFK3TMJRPTEQRYOE2HMNKGNFKTK HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26DZJNLFK3TMJRPTEQRYOE2HMNKGNFKTK HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=xyKVUnlL_2B8q4v5FiU5
Request Chain 394
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y4zjjwABhgRkMgAp HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4zjjwABhgRkMgAp&_test=Y4zjjwABhgRkMgAp
Request Chain 395
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8874452989154502422
Request Chain 396
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=daf4638c-e38e-4b00-8db6-4d838e163c4b
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPxooqaFnKvvKnuVIARJ4nk&google_cver=1
Request Chain 398
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&dcc=t
Request Chain 399
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=o_cSDkzOT4pT408sI_4n5XRaSso
Request Chain 400
  • https://tg.socdm.com/aux/idsync?proto=index_exchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y4zjj8Co8YUAACxoEI0AAAAA
Request Chain 403
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhN5Y6Sr2U0Ch60PwF7mGGwVlZJj_1t7Q1w
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEIkyRzO5hGlNOtzg8EGOi8&google_cver=1
Request Chain 406
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
Request Chain 407
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LB9ONXBS-14-1QGN&gdpr=0
Request Chain 408
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3700458788663942794
Request Chain 410
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=7928478425872582191
Request Chain 411
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WG3Ska0RULyXUihgHs2FXfzEZhERr_PnKznniR3StNU
Request Chain 412
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4061835968315997971 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
Request Chain 413
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
Request Chain 414
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
Request Chain 415
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cee840bd-5af5-499c-a769-1121227ea1cc&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=&gdpr_consent=&us_privacy=
Request Chain 421
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
Request Chain 422
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y4zjjwAADfIi3wAe HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4zjjwAADfIi3wAe&gdpr=0&gdpr_consent=&_test=Y4zjjwAADfIi3wAe HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
Request Chain 423
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3700458788663942794&gdpr=0&gdpr_consent=
Request Chain 424
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bwKRTTwCkU10VZEaYQGESj8DzEx0CZ1Pbwe1PUzF
Request Chain 425
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2a7kzj33yy HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
Request Chain 427
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=C-gw5d0mS_i-b9lmSE-3qQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 428
  • https://idsync.rlcdn.com/420486.gif?partner_uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0429f2eb6229e5f208cb045f0b8ef83b4ab1e0e401702f62ccf90431a545f2bc791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwNDI5ZjJlYjYyMjllNWYyMDhjYjA0NWYwYjhlZjgzYjRhYjFlMGU0MDE3MDJmNjJjY2Y5MDQzMWE1NDVmMmJjNzkxNDI2YjU0MTdkY2UyMRAAGgwIkMeznAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwNDI5ZjJlYjYyMjllNWYyMDhjYjA0NWYwYjhlZjgzYjRhYjFlMGU0MDE3MDJmNjJjY2Y5MDQzMWE1NDVmMmJjNzkxNDI2YjU0MTdkY2UyMRAAGgwIkMeznAYSBAgCEABCAEoA&google_gid=CAESENFP-AyNY42v_M0i0kd-6z4&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=58a2f5fe-07df-494b-bb3f-5e04fc0c866a
Request Chain 429
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=daf4638c-e38e-4b00-8db6-4d838e163c4b
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEJFODMwRTUtREQyNi00QkY4LUJFNkYtRDk2NjQ4NEZCN0E5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 431
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH-OZ4MiWI75KkEMEPPvo-Y&google_cver=1
Request Chain 432
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1C34F62AA6CB4E31B8567C765B368ED8 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Request Chain 434
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
Request Chain 437
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3700458788663942794&gdpr=0&gdpr_consent=
Request Chain 438
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=eigCtlPaorLRoO0WLkzKxaBkw
Request Chain 439
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=71c90ea8-9191-43c8-8e03-5d77a2350f23&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-42TPcC5E2pmSVKeeenFQFo2b3CuDnhAhPCMT0g--~A&expires=5 HTTP 302
  • https://sync.teads.tv/um?eid=20&uid=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=&gdpr_consent=&us_privacy=
Request Chain 440
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8768743804732425733&gdpr=0&gdpr_consent=
Request Chain 441
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LB9ONXBS-14-1QGN HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LB9ONXBS-14-1QGN
Request Chain 442
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3700458788663942794
Request Chain 443
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_53d487e6-51ea-4af5-9430-e2dcc473b07b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4061835968315997971&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=2e000137-6586-4b0e-9d6d-a85959af6d31
Request Chain 444
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3a8e2be3-e94c-47bf-7f19-fef28696e169$ip$116.90.74.202
Request Chain 445
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_53d487e6-51ea-4af5-9430-e2dcc473b07b&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=OvgR_4EtQ5tDcxetWQec&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2T3WM5JF6NCFORITK5CEMN4GK5CXKFSWGJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2T3WM5JF6NCFORITK5CEMN4GK5CXKFSWGJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=OvgR_4EtQ5tDcxetWQec&us_privacy=1---
Request Chain 446
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004&rndcb=4857944226 HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=71c90ea8-9191-43c8-8e03-5d77a2350f23&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=2a45317c-0371-4c14-8686-e76856c89596&expires=1&user_group=5&ssp=adconductor&bsw_param=71c90ea8-9191-43c8-8e03-5d77a2350f23 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/2e000137-6586-4b0e-9d6d-a85959af6d31?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
Request Chain 447
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=t7wiqu805rRp&ev=1&pid=558355
Request Chain 448
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Wvxi5VHFMkH1dbSVjDkUpzjxhTEHQSyK34pDhNe82OjzP7rymmlu_u3jmqiIUPeH%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Wvxi5VHFMkH1dbSVjDkUpzjxhTEHQSyK34pDhNe82OjzP7rymmlu_u3jmqiIUPeH%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_53d487e6-51ea-4af5-9430-e2dcc473b07b&obuid=ENC(Wvxi5VHFMkH1dbSVjDkUpzjxhTEHQSyK34pDhNe82OjzP7rymmlu_u3jmqiIUPeH) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=MuyQSg9OpBV9E088Gb5u&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
Request Chain 449
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=1489fad3-4661-4e6b-9c0f-6e29e41eece5
Request Chain 450
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-0nTlOVZE2pedGlttSDSHIscjK.c18PIzrUOW~A
Request Chain 451
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=3df363a0-e574-4426-8c75-2396d0dbc692
Request Chain 454
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=95cc9698-bce1-479b-a038-71378498afa2
Request Chain 455
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8768743804732425733
Request Chain 457
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-ae56chnSFmRosxJyE9VPX5JXNIjgcWXAiZxhe2WIFw
Request Chain 459
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=3ea8a45f-fb97-4242-9f77-edee9e665fde
Request Chain 460
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
Request Chain 461
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y4zjkAABhdNxYwAp HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y4zjkAABhdNxYwAp&gdpr=0&gdpr_consent=&_test=Y4zjkAABhdNxYwAp
Request Chain 464
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y4zjj8Co8YUAACxoEI0AAAAA
Request Chain 465
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y4zjjkds2i99yIN7uy-JFAAA%264759
Request Chain 466
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=MuyQSg9OpBV9E088Gb5u&pi=gumgum&tc=1
Request Chain 467
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 469
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LB9ONXBS-14-1QGN HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LB9ONXBS-14-1QGN
Request Chain 473
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LB9ONXBS-14-1QGN HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LB9ONXBS-14-1QGN
Request Chain 479
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D0BE830E5-DD26-4BF8-BE6F-D966484FB7A9 HTTP 302
  • https://prebid.a-mo.net/cchain/4/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%3D&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9 HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID
Request Chain 480
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Oo4r4-lMR79_Gf7yhpbhaXRaSso HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=385bfe3b1a7c1b23&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALnO9crNjOwQM6_HdmAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 481
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LQYYmLcMADGsxhKEk-OMYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D0BE830E5-DD26-4BF8-BE6F-D966484FB7A9 HTTP 302
  • https://prebid.a-mo.net/cchain/4/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%3D&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9 HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID
Request Chain 484
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a900f04cc4274ea6b5671e836b4b7c92 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 486
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Tdc03r9i1P1TvF5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D0BE830E5-DD26-4BF8-BE6F-D966484FB7A9 HTTP 302
  • https://prebid.a-mo.net/cchain/4/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%3D&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9 HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID
Request Chain 487
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1508%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=4058437249 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/1508/3700458788663942794?zcc=0&sspret=1&rndcb=4058437249 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
Request Chain 490
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 492
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 493
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1C34F62AA6CB4E31B8567C765B368ED8&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=48a1af0fb230226f&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMO73GepsLDQMI6YRNAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 495
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 496
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=&ct=y
Request Chain 497
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8700f9b8-eabc-43bd-848e-c6d58f04707b%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3ea8a45f-fb97-4242-9f77-edee9e665fde&ttd_puid=8700f9b8-eabc-43bd-848e-c6d58f04707b%2C
Request Chain 498
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=2a45317c-0371-4c14-8686-e76856c89596&expires=1&user_group=5&ssp=pubmatic&bsw_param=2e000137-6586-4b0e-9d6d-a85959af6d31 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5cca5054f5c120c4&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALpApZ94ck8AMj1-WjAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 499
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5e2f04a8729020c4&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJpBgqPSO9XANVh4nfAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 500
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=10fb18e4222c20b0&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALnO9crNjOiwMH8gSaAAAAAAA&expiration=1670264083&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 501
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D0BE830E5-DD26-4BF8-BE6F-D966484FB7A9 HTTP 302
  • https://prebid.a-mo.net/cchain/4/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%3D&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9 HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID
Request Chain 503
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1296d98c03621b23&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALnO9crNjOuANDwDO5AAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 504
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1239ffdcd8141b23&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALnO9crNjOvgMyENYWAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 505
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Oo4r4-lMR79_Gf7yhpbhaXRaSso HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=ec2f76cc7631b23&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMO73GepsLDgM2uVtxAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 506
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=oTummR-WCSayzy5yk-OMYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2fbbe67124d820b0&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALpApZ94ck5QM8p1MEAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 508
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5cde6196d887226f&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJpBgqPSO9LQMORxT9AAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794
Request Chain 509
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 511
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=99bf46fa287041a3b5475144050e62be HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7db1d72b24eb226f&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALpApZ94ck8QMSNWErAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

516 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
www.bg3.co/a/ 		56 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a03b6995702abfb4d5daaac6afa1c699b58c3e15cd0b07d951e05aafe5063e9c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 04 Dec 2022 18:14:26 GMT
ETag
"e1c9-wcERSTdqvSYQ7X9QIBLwBLdtaIE"
Expires
Sun, 04 Dec 2022 19:14:26 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
bceaaa8df473b26f22fda4afc2bc638fbcd6d3b157450a859910dd70fb9d92ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Dec 2022 18:14:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72666
x-xss-protection
0
server
sffe
etag
"aa8fadd6f8aaa473"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Dec 2022 18:14:27 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ddce71f85a370bf2976e7a5ea345b6751d383505bcb0d6aa4284481eda5cc6be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Dec 2022 18:14:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9665
x-xss-protection
0
server
sffe
etag
"5683f04eba08618c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Dec 2022 18:14:27 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
f05d9a32665adfa9a3d01d6b6bfa4550b5444578f7408503a44944d435cfc736
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Dec 2022 18:14:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7580
x-xss-protection
0
server
sffe
etag
"65a617a93a518160"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Dec 2022 18:14:27 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
fc392e66c8480302b8b139922da3d69c5bc65f057b101bc1ba0737a0fdf650fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 04 Dec 2022 18:14:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32042
x-xss-protection
0
server
sffe
etag
"8d52a7de4cfe57f6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 04 Dec 2022 18:14:27 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2798
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44566
last-modified
Wed, 16 Nov 2022 08:39:32 GMT
server
cloudflare
etag
"6374a1c4-ae16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkC9kHsA6HA%2FJP5ycO15D2Iqbm7G0f%2FMbYvFuNkJPYSCLhdfnpjwXC%2FbJJd0EWTX7AdpJExFS7yzfIb%2FBCvarD5tS9chdfYInfnZXj%2BQpwTyzKPH4uSe04En94xJv5QAoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7746859adbafa961-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
acbd967b013195d0a2c5f8ce38feb0c925bb330d8a684ee902c6b063e8ee0897

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 04 Dec 2022 18:14:28 GMT
content-encoding
br
last-modified
Sun, 04 Dec 2022 08:00:18 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
NZ
content-length
9084
expires
Sun, 04 Dec 2022 19:14:28 GMT
adpushup.js
cdn.adpushup.com/42753/ 		518 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 04 Dec 2022 18:14:28 GMT
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:46:28 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
NZ
content-length
114452
expires
Sun, 04 Dec 2022 19:14:28 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
797
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMCD7z3%2FIZow70aK%2FSYXLfkR7RsFmYLA1FnJDqbJvXq2xs2ESLL%2FZagiCE7xJwYZ9JI6x9Vfn8PUC87HwmpN97HV6mXbRKGUNzQqWpI05g4wlPD7pPG%2FjR6%2B1Op8OstMbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7746859caccba961-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 18:14:29 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 18:14:29 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.3551436348649044&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 18:14:29 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.20869375642440313&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 18:14:29 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:30 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJbjs5wGEogBCiQzYTY3YzFlZC1iMWJiLTQ1ZDAtYjMzMi0xN2NjZWYxYmQ3MDkQ+OiCoKvU+wIaBgiGx7OcBiINMTE2LjkwLjc0LjIwMijM0QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDhiYmJkY2VmLThlNTAtNDNlOS1iNWFlLTRkOTJkOWI3ZDdmZBi46QE=.glLyC1cmmo4zkELrfd16itGMfUUP1651FYOBm/GrrYQ=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1670177670.dop218.la3.t,1670177670.cds216.la3.hn,1670177670.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
b4d131f406950b72ef791515c1555911.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b4d131f406950b72ef791515c1555911.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
aacf8f086c760aa7466434b4b9bed4ef.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/aacf8f086c760aa7466434b4b9bed4ef.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0a0de8769dd744c6476d9dfbd5efd8ef.jpg
static.bg3.co/imgs/202104/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202104/0a0de8769dd744c6476d9dfbd5efd8ef.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
40facc546a1e990c621627200b6c9d8a.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/40facc546a1e990c621627200b6c9d8a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9d01266bdc37e76f2caf4a843ef28d8b.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9d01266bdc37e76f2caf4a843ef28d8b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7ddc017281b952abcb6fbbff4ce3c76f.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/7ddc017281b952abcb6fbbff4ce3c76f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a73c14cd09d0c8e890e8f159f84089d4.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a73c14cd09d0c8e890e8f159f84089d4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
d135e03e834c8adacbda67302fb6a13b.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/d135e03e834c8adacbda67302fb6a13b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4eac425849d763bfb1a39d41a7528fa2.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4eac425849d763bfb1a39d41a7528fa2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a8afac1ba0c24b16646ddd719427619f.jpg
static.bg3.co/imgs/202206/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202206/a8afac1ba0c24b16646ddd719427619f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8eadaaaeba62620686b62a14ab61a0db.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8eadaaaeba62620686b62a14ab61a0db.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b50d3677c379b8c95a1386d41d992b11.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b50d3677c379b8c95a1386d41d992b11.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
baf54d872106f347a0bf476292460863.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/baf54d872106f347a0bf476292460863.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b03ab2a5d36006b92913982845e7b765.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b03ab2a5d36006b92913982845e7b765.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
626045907fbbe78e4d97d2cb38798866.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/626045907fbbe78e4d97d2cb38798866.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cf9c429bf478cce978c710e685583c03.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/cf9c429bf478cce978c710e685583c03.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
504dc3559b51b81aa3f4a3dfcea4522f.jpg
static.bg3.co/imgs/202110/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/504dc3559b51b81aa3f4a3dfcea4522f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f8e1ec2c24335c70d4e83c2f8a157255.jpg
static.bg3.co/imgs/202110/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/f8e1ec2c24335c70d4e83c2f8a157255.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
85ae1158ea36f4c8cdf2060b7dc6b935.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/85ae1158ea36f4c8cdf2060b7dc6b935.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7466f9224b7be4a5c08872c6e6837640.jpg
static.bg3.co/imgs/202111/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/7466f9224b7be4a5c08872c6e6837640.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
fdc24baede2eb32cb964bd23ef4a539e.jpg
static.bg3.co/imgs/202112/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/fdc24baede2eb32cb964bd23ef4a539e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f4588fb031314b282a6962f4ee0c670f.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f4588fb031314b282a6962f4ee0c670f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
483e9ce8aaa3552c93446dab39418cf9.jpg
static.bg3.co/imgs/202203/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/483e9ce8aaa3552c93446dab39418cf9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211182146000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
7ad04b2badabcf30f85b8ebd363e3a90be5af777d8b9b641f4f333cd95e14218
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 00:46:07 GMT
age
408503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2991
x-xss-protection
0
server
sffe
etag
"d121a6c96824df1f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 00:46:07 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211182146000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
903cbdd1e7ac7fe874f0c2989b1f84c59969b89029038616f8e3e26784598b20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 00:46:07 GMT
age
408503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23061
x-xss-protection
0
server
sffe
etag
"7db2d400778a396c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 00:46:07 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
916 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
fd8faa81ca468e4d96953f770ad08ec2356b6a429935b647de2e09cc554532ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211182146000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
aee4e76db6bf16ef539fb860a248be6ff869cdd93a68857ea0e9234bf443b372
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 00:46:07 GMT
age
408504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3936
x-xss-protection
0
server
sffe
etag
"8f3dd7de4e903c77"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 00:46:07 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:31 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJfjs5wGEogBCiQ2YTE0YzYxYy03MjFlLTQ2NmYtOGY4NS02YzUxMDNiMzNjMzYQ+OiCoKvU+wIaBgiHx7OcBiINMTE2LjkwLjc0LjIwMijM0QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDA2YzVkMGNmLTljY2QtNDBlOS05NDg0LWIzNDI3ZDYxZDcyORib8QE=.UABNlkAb9e9XemsPIK0wPtVNRMRez1Lv+1gqlrbI3M4=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1670177671.dop218.la3.t,1670177671.cds216.la3.hn,1670177671.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9729 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
cfd0a2be6c757326ca21d44bba498265cb843048e7bce420ae65bd54c9f339ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34126
x-xss-protection
0
server
cafe
etag
14693608549102210771
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 04 Dec 2022 18:14:29 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3E40 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
48868011bf0a674e15944b6033d8deb29e6a70267034217a4b573d0be2d267ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34132
x-xss-protection
0
server
cafe
etag
17448810519119335053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 04 Dec 2022 18:14:29 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211182146000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5e2df8262e92950212e7f76e7723d7d0208fe500a4ac49b75492b4b56f4c9c59
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 00:46:22 GMT
age
408489
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10257
x-xss-protection
0
server
sffe
etag
"ae1d9564169f1c7a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 00:46:22 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 652B 		714 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3204
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
774685a35bdba83d-SYD
content-encoding
br
content-type
text/html
date
Sun, 04 Dec 2022 18:14:29 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GedAVcSI4os4MbQAix%2BZki%2B5A2iAZUhJhDyJ1QJ0GPFrDJCY4RE6EBQziPBMSFzz9W9jhQh3GTwyJ0fS5FmpRgMhU3610nEq7UNbSYYR6W6hdMGmA3jjs99WT1p2VGeAwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 18:14:31 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame B06D 		714 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3204
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
774685a36be1a83d-SYD
content-encoding
br
content-type
text/html
date
Sun, 04 Dec 2022 18:14:29 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meYbDgpf6Ec6ooWPLiSaLZ6FDhD%2FuDp%2BGAq7wjotmJf16112h5Ify7Z%2BBvOAAQ2UZzimc9S6OaFFDt0lxcjy7jV5aVi01Ui94%2BYWNbFE97HDL77eCmylsBoi28A30puJYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gtag.json
cdn.ampproject.org/rtv/012211182146000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 00:46:08 GMT
age
408502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"e33e8548c0038d22"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 00:46:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B06D 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
fa25c073d50c2e8ec00a208ee08913ab77a71f07df3fed33833c0957754dfda2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27506
x-xss-protection
0
server
sffe
etag
"1411 / 962 of 1000 / last-modified: 1670022376"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 04 Dec 2022 18:14:30 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 652B 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
a713781b13903ac6cd38d181349370a1c3bb822fdf78b11f44c5245550ae9e37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27508
x-xss-protection
0
server
sffe
etag
"1411 / 541 of 1000 / last-modified: 1670022507"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 04 Dec 2022 18:14:30 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ Frame 9729 		354 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
fb7162b5f392bb1ce91069a283086a5106c0b6d9758a1800fd68ec0f05d96f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119170
x-xss-protection
0
server
cafe
etag
8622040246715136833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Dec 2022 18:14:31 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sun, 04 Dec 2022 18:14:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ Frame 3E40 		354 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
04d5cb4a5d092402cc0bc9b999c4cbfc01d1fd895bcfdfc36747668ab967a1c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119170
x-xss-protection
0
server
cafe
etag
6129976035604357148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Dec 2022 18:14:31 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1670177670753
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 04 Dec 2022 18:14:31 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-length
631
expires
Sun, 04 Dec 2022 19:14:31 GMT
pubads_impl_2022112901.js
securepubads.g.doubleclick.net/gpt/ Frame B06D 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 15:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133261
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 09:37:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Dec 2023 15:27:31 GMT
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ Frame 652B 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 12:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281008
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Dec 2023 12:11:03 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211182146000/v0/ 		215 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a95822f1c1371dc03a934df5f495fc124a15b9439a94eb474dd0ee21a8e156ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 00:46:54 GMT
age
408457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57831
x-xss-protection
0
server
sffe
etag
"dc1e08db80c6d301"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 00:46:54 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%8F%AF%E4%BD%97%E7%A9%80%E7%A5%9E%E9%86%AB%E6%8E%A1%E8%97%A5%20%E5%B1%B1%E6%B3%89%E5%AD%95%E8%82%B2%E5%A8%83%E5%A8%83%E9%AD%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-N-iFY2TlSrFrOKvn2v4WgA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.6431230677060993&gjid=0.3133928697832833&_r=1&a=3931&z=0.2836126964604686&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=4
content-length
94168
expires
Mon, 04 Dec 2023 18:14:32 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=4
content-length
211
expires
Mon, 04 Dec 2023 18:14:32 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
17440
expires
Sun, 04 Dec 2022 19:14:32 GMT
log
aplogger.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aplogger.adpushup.com/log?event=PAGE_VIEW&data=eyJzaXRlSWQiOjQyNzUzfQ%3D%3D&pxRes=false
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 04 Dec 2022 18:14:32 GMT
Server
nginx/1.18.0 (Ubuntu)
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
fa25c073d50c2e8ec00a208ee08913ab77a71f07df3fed33833c0957754dfda2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27506
x-xss-protection
0
server
sffe
etag
"1411 / 231 of 1000 / last-modified: 1670022376"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 04 Dec 2022 18:14:31 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzAxNzc2NzE0NzUsInBhY2tldElkIjoiMDAwMEE3MDEtYjEzYzU1ZDItM2FjMy00MzMyLThhZDEtMzkyYTE3ZTNhZGY2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1YS10dW8tZ3Utc2hlbi15aS1jYWkteWFvLXNoYW4tcXVhbi15dW4teXUtd2Etd2EteXUuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=5617.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzAxNzc2NzE0NzYsInBhY2tldElkIjoiMDAwMEE3MDEtYjEzYzU1ZDItM2FjMy00MzMyLThhZDEtMzkyYTE3ZTNhZGY2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1YS10dW8tZ3Utc2hlbi15aS1jYWkteWFvLXNoYW4tcXVhbi15dW4teXUtd2Etd2EteXUuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=5618.39999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzAxNzc2NzE0NzYsInBhY2tldElkIjoiMDAwMEE3MDEtYjEzYzU1ZDItM2FjMy00MzMyLThhZDEtMzkyYTE3ZTNhZGY2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1YS10dW8tZ3Utc2hlbi15aS1jYWkteWFvLXNoYW4tcXVhbi15dW4teXUtd2Etd2EteXUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19&c_b=5618.699999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:33 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
14238
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Sun, 04 Dec 2022 22:14:33 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzAxNzc2NzE0ODEsInBhY2tldElkIjoiMDAwMEE3MDEtYjEzYzU1ZDItM2FjMy00MzMyLThhZDEtMzkyYTE3ZTNhZGY2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1YS10dW8tZ3Utc2hlbi15aS1jYWkteWFvLXNoYW4tcXVhbi15dW4teXUtd2Etd2EteXUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=5623.10000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzAxNzc2NzE0ODMsInBhY2tldElkIjoiMDAwMEE3MDEtYjEzYzU1ZDItM2FjMy00MzMyLThhZDEtMzkyYTE3ZTNhZGY2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1YS10dW8tZ3Utc2hlbi15aS1jYWkteWFvLXNoYW4tcXVhbi15dW4teXUtd2Etd2EteXUuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=5625.699999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.json
adservice.google.com/adsid/ 		86 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-7704976793518555037.ampproject.net/2211182146000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-7704976793518555037.ampproject.net/2211182146000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.co.nz/adsid/ Frame B06D 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B06D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B06D 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1967544007027456&correlator=1909349128991190&eid=31070919&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1670177671923&lmt=1644386353&dlt=1670177669749&idt=2152&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=fc1kt5im61yb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2046676991.1670177672&ga_sid=1670177672&ga_hid=187701566&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
2cca407391ab15efb011c3f537055f380b288270d071e54e057d908e39350223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9729d5087ff818b0b79a62ce4bdbce37.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B86 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9729d5087ff818b0b79a62ce4bdbce37.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:32 GMT
expires
Mon, 04 Dec 2023 18:14:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 9729 		379 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
0393b569a5017b539700e1ffc461021ddf1cd87fb20453c39c42c246625fdc08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 9729 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9729 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E256 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670444&bpp=13&bdt=1912&idt=1671&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=2&ga_vid=58647860.1670177672&ga_sid=1670177672&ga_hid=704215445&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2728&biw=1600&bih=1200&isw=336&ish=280&ifk=2645147040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44769305&oid=2&pvsid=1260793036798672&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.entewpu2fqze&btvi=1&fsb=1&dtd=1688
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
9148f395243f1778ab36d814fa625b42431d0689160f1305e45fd74642cd598a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9926
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:33 GMT
expires
Sun, 04 Dec 2022 18:14:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 652B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 652B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 652B 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1170128231590072&correlator=1362584022265735&eid=31071116&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1670177672179&lmt=1644386353&dlt=1670177669756&idt=2398&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=838e0q33cxwf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=510652660.1670177672&ga_sid=1670177672&ga_hid=1370768599&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
4ce9ae52814b6857b6def6fb94871c5d86fb2eff613c24c38b75775445a9e0e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e2dd83f92ede647e34b862d5f3015f49.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2ED7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2dd83f92ede647e34b862d5f3015f49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:32 GMT
expires
Mon, 04 Dec 2023 18:14:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022112901.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 15:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133261
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 09:37:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Dec 2023 15:27:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Sun, 04 Dec 2022 18:14:32 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 3E40 		379 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
bbbafeba5415c90e50e90b12cd5d90bb75a6735ab46f97457d1f67e214f2fe97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 3E40 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3E40 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4645 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670624&bpp=11&bdt=2108&idt=1739&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=1&ga_vid=899201855.1670177672&ga_sid=1670177672&ga_hid=886574681&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=314711376&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C31070993%2C44770881%2C31070950&oid=2&pvsid=2769677050538043&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.atvdsnn5y3sc&fsb=1&dtd=1756
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
7cd8920c6b82e590e69f6a5a7f8366f97f761ff15498a0a88976c4cef996a367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
13337
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:33 GMT
expires
Sun, 04 Dec 2022 18:14:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D66A 		603 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-6301175252022345295&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3129&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=224003931&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&ga_hid=3931&dt=1670177671933&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&bdt=4747&dtd=651&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211182146000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:33 GMT
expires
Sun, 04 Dec 2022 18:14:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
content-encoding
gzip
etag
"nAbmxtqHqaYrwBiADJAeFg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 11 Dec 2022 18:14:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B06D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
44c9bf74943ff5bd8bb37d5a2580e9430b7ecb859141dabb2ab68743e4188ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12491
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 652B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a28ac4d4339e2f6134a8fe3deb1e48c52775739e671a904d10f6238667449547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12657
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221204
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31ac8767cea18f1e30a3802d1b14b2a416023ad85e042ece628494b8c077e8dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Dec 2022 18:14:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8024
x-jsd-version
1.0.1546
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4525-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"670-08zMzyjBoA275IEaeXwhB1Z2JuA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ceGbjZY2okWvPaGpQG%2BiGi5IcmJvOSVn0EPjsw%2BZvt7pLHRHbwsO2A9ywzA%2BCxyaKEUz2Gtzu7c%2Ff8r9T5OwYRyT0cVL7LmFvMPH%2Fc4Ov%2FpOTbD4q2epEuL4arAkdI5fE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
774685bbccc0a959-SYD
bid-request
a.teads.tv/hb/ 		16 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:34 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 04 Dec 2022 18:14:34 GMT
prebid
ib.adnxs.com/ut/v3/ 		376 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
34f4914936c44fb25997c33a6ba9a1c0ba0566b2c0178da9245228e4c91e3194
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:34 GMT
AN-X-Request-Uuid
9d4c7b75-8e66-4812-8f0a-42225806ede2
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
376
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.167.239 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-167-239.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
accept-ch
sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d48d978cae70de03658a8bb9a208bc7eb905b09eae9bf8efb40a0d5afbf0f238

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
161
alt-svc
clear
expires
Sun, 04 Dec 2022 18:14:33 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=45147488361
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Dec 2022 18:14:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sun, 04 Dec 2022 18:14:33 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
arj
adpushup-d.openx.net/w/1.0/ 		32 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2f2300ef-ca0e-45a2-9772-3f77d10b0e64%2Caa6f7503-2838-49d8-bfa5-a2c1f3e3d239%2C3d5d8046-150f-4c8e-8602-907638c2f8cc&nocache=1670177673225&pubcid=301861fa-c7f3-49ca-a1a2-b62c4869de5e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
19b079c04b65c654a9d41165e57e8d55216331ce8008edd25958e383a30f2160

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4618
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=04c61fad-d978-4758-8873-1f81ccb10da6&nocache=1670177673226&pubcid=301861fa-c7f3-49ca-a1a2-b62c4869de5e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=74b6dc4c-396d-4dfe-97dc-793c6e70e712&nocache=1670177673226&pubcid=301861fa-c7f3-49ca-a1a2-b62c4869de5e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c410d45a-4466-44bf-93f4-1a3573b730fa&nocache=1670177673226&pubcid=301861fa-c7f3-49ca-a1a2-b62c4869de5e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.104.137 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-104-137.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d7d1fde491a699f603f55fe3944e3081330387f8cadc6ed7490ae23ab135cdf3

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:34 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.104.137 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-104-137.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
9cd5a393df4f0201d8439ac2170ee7d9a4672ac5737131a78ebf0b541f6a28d5

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:34 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.104.137 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-104-137.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
fbb99341176b3438238014d8216f0dfac9e5ffe51417f93ade3f2742a9905324

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:34 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=301861fa-c7f3-49ca-a1a2-b62c4869de5e%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=3ae27ba6-55df-4302-a1a1-cd166f595d8f%3B79935840-39f3-493d-9d16-1de498e10997%3B48f54fd4-e564-48c9-8845-e4989f0faa73&l_pb_bid_id=453a25ff5f52d67%3B46848dae06be94d%3B477928118f003f4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.44998518570724855
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f1324e2bffed7c9652b2d6324d3df72202b5958b725684919ded1fb07706c470

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		717 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10204
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Dec 2022 18:14:34 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22529b39d3567d178%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22596838948418c83%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%226295f27b1dc1d62%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2263a3fe22b430d33%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22301861fa-c7f3-49ca-a1a2-b62c4869de5e%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a54aa12755205f52b15f5b7ab0dac976d3d24815ac15199cb6b63dbe542d90a

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blbLrfcP30OGKbWxO2a7pU7Z2fuylWVZ3qtZQXBejCVlTPm3b3yf9z%2FYYf92HwgxwPfCzUOk5p9KKaS%2BIh27SyayP4iBM6%2F3%2BGTxBnkSyHjp9TYAE2WmYT%2B2HijbEfvuSq9Cykep"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
774685bc0977aac4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22529b39d3567d178%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226295f27b1dc1d62%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2263a3fe22b430d33%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22301861fa-c7f3-49ca-a1a2-b62c4869de5e%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a54aa12755205f52b15f5b7ab0dac976d3d24815ac15199cb6b63dbe542d90a

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vK61Lnv62mXlctMJOmHuorw9dWaNP%2BSMIR4BH2FKD8p9KdM61etOQ6UF1Zq9faSF6FDDP4BphV7aCatzQjmX%2BH5v%2Bl%2BQc91A6wNQYkpnSjRjTB34XrUERYObyK3MIUSUBeL2F9a7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
774685bc0978aac4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.7.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-7-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Dec 2022 18:14:34 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
11
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dd44ce753222e21a3a233b56923b209aeb2443a7625cf468300bd1e5ef083618

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Dec 2022 18:14:34 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
adview
googleads.g.doubleclick.net/pagead/ Frame E256 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CAeLxiOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgTzAU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2t_KcfJ9qgnYcfgBZsZkvnQ1x3pflbi38kcNVHVTvLF20FRcEDCBIAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=kegzvZQlCng&uach_m=[UACH]&cid=CAQSGwDq26N9n7nVkvmreyoEzLG0glPsfWjPzsWyRxgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670444&bpp=13&bdt=1912&idt=1671&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=2&ga_vid=58647860.1670177672&ga_sid=1670177672&ga_hid=704215445&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2728&biw=1600&bih=1200&isw=336&ish=280&ifk=2645147040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44769305&oid=2&pvsid=1260793036798672&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.entewpu2fqze&btvi=1&fsb=1&dtd=1688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670444&bpp=13&bdt=1912&idt=1671&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=2&ga_vid=58647860.1670177672&ga_sid=1670177672&ga_hid=704215445&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2728&biw=1600&bih=1200&isw=336&ish=280&ifk=2645147040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44769305&oid=2&pvsid=1260793036798672&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.entewpu2fqze&btvi=1&fsb=1&dtd=1688
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 04 Dec 2022 18:14:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame E256 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k43fEZ_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQiOOMYx7tto5JLIqtoLiuABIAAA&wp=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670444&bpp=13&bdt=1912&idt=1671&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=2&ga_vid=58647860.1670177672&ga_sid=1670177672&ga_hid=704215445&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2728&biw=1600&bih=1200&isw=336&ish=280&ifk=2645147040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44769305&oid=2&pvsid=1260793036798672&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.entewpu2fqze&btvi=1&fsb=1&dtd=1688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
184936
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame F43C 		171 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670444&bpp=13&bdt=1912&idt=1671&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=2&ga_vid=58647860.1670177672&ga_sid=1670177672&ga_hid=704215445&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2728&biw=1600&bih=1200&isw=336&ish=280&ifk=2645147040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44769305&oid=2&pvsid=1260793036798672&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.entewpu2fqze&btvi=1&fsb=1&dtd=1688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3d2a95f8eb067d178bb65e3879342dae9e84446893ba2456efa761f5a9f50c54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:33 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=Ak0JgxxTWef3-gbVv5jyIeNbegGGNXOBjvNbT4FYLaajgEpbmN1VDPWcMughMseXCCpAE6qP-rDx_0b8yrNIv6kZDPbEdZiyh8kaDpRCaee6NqyYONaOVWnaRH-2lWRZRP4kNnn-NtRFqWNbVCoVovfjuLzBJtjG17YwLWXY02OFpqKS-v-F1jgQq09oVQwtk9osXTPBmLWnZ8Si4nVg1r8ns3Q_IsDDdc-v8eKcHRYQvFp3Do0u9mQMqmontBOEODNBaXz6GRMWCQrf"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
63400924
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E256 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670444&bpp=13&bdt=1912&idt=1671&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=2&ga_vid=58647860.1670177672&ga_sid=1670177672&ga_hid=704215445&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2728&biw=1600&bih=1200&isw=336&ish=280&ifk=2645147040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44769305&oid=2&pvsid=1260793036798672&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.entewpu2fqze&btvi=1&fsb=1&dtd=1688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
55214
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 02:54:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E256 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670444&bpp=13&bdt=1912&idt=1671&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=2&ga_vid=58647860.1670177672&ga_sid=1670177672&ga_hid=704215445&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2728&biw=1600&bih=1200&isw=336&ish=280&ifk=2645147040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44769305&oid=2&pvsid=1260793036798672&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.entewpu2fqze&btvi=1&fsb=1&dtd=1688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
56037
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 02:40:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E256 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670444&bpp=13&bdt=1912&idt=1671&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=2&ga_vid=58647860.1670177672&ga_sid=1670177672&ga_hid=704215445&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2728&biw=1600&bih=1200&isw=336&ish=280&ifk=2645147040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44769305&oid=2&pvsid=1260793036798672&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.entewpu2fqze&btvi=1&fsb=1&dtd=1688
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 18:14:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B06D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 18:14:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C427 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cj4hXiOOMY9THMZncogPc9JLwCvbU1-NtnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBO0BT9AaFC_jbWUi06y-4Q-mTk_2IJAwGLETcamnEL2A--xUstLp3q0tlkcMmV59fI1ZORirqkMg_9NiUYkdylYsis_RbBJqwEKfolaG0q25BFBrxZU1AXj8PMuCqWxJi78CudtAE7mh5KP8ru8F9sjMq3DfjslFnr5CdQN6DRjXjtnQ3zye_KudbrivBHw2NI0KE6tPp9Ab9piPVy44Fe-UB7V9YYIzbho1kqtpm-TME-rn0MXSfB2HOOp2xQ1HhfI7xJJKgaQbI3axXNleKInMyZNSZE9kD0WX3FoCj-KDt_VtJwaePKucABKwQLcXgAbM6Iunp5jN9CigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=KSn3jixoUtA&uach_m=[UACH]&cid=CAQSKQDq26N9OGcPzQlLoD1gC022CbmO1L1V8ZrMFh8fWAcrzgfKKGQ-GFy8GAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670624&bpp=11&bdt=2108&idt=1739&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=1&ga_vid=899201855.1670177672&ga_sid=1670177672&ga_hid=886574681&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=314711376&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C31070993%2C44770881%2C31070950&oid=2&pvsid=2769677050538043&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.atvdsnn5y3sc&fsb=1&dtd=1756
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 04 Dec 2022 18:14:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
b1-sindc1.zemanta.com/bidder/win/googleadx_display/809403e5-73ff-11ed-9d1d-152d64f52c0c/Y4zjiAAMY9QKaK4ZAAS6XFkNQiGxNYJ0Sxn-3w/QGV7HF6L2DKFCYVXGPLPTD6K5RZ3BZRPFUASKMRO5P6I7JUK2WOU2DYZERTOVPJME4BCMF... Frame C427 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/809403e5-73ff-11ed-9d1d-152d64f52c0c/Y4zjiAAMY9QKaK4ZAAS6XFkNQiGxNYJ0Sxn-3w/QGV7HF6L2DKFCYVXGPLPTD6K5RZ3BZRPFUASKMRO5P6I7JUK2WOU2DYZERTOVPJME4BCMF6PCCB3EBSNYG5L5MUL4DYYU5ROG4HHOER63VF6PSIMVQ4JL6F6ID7SWYMHPXTJPZVFBDPROZ47ETUOLBU6ZOYNJ7FHWDVOBWJGSY2WT2K6HKSAZIVQI3V77M4LCBUHJ5XY3UJ3YIT5NXF227Q2K572FJUSA5Q7KFKKOOI7JBCS4JH6BP6HOMJNXHYH4AQWBSMLCYPHYUVT3UXBKZADG6W6W7MCVQRVDGZZ7KBGB365TBMBTP5CHGI4KRURVMMQFNHGAP2XYKU424TWT7SWAOLC2WQ6M53P37LFHTE6SY6P4PTVQ6RNTPR4K4X24PYIIP46K2TBB6P7MIRKFI2QYUMVRP2B23SXVLDXDKQC3B5IXO4QT2EB5UBSFADV36PINPP3GQJMVYFPLCAL2YL7OKDW6I4D4F6GO36CFGF3GTTU2NTA/?
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 04 Dec 2022 18:14:34 GMT
Content-Length
0
/
asia.adform.net/adfscript/ Frame C427 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/adfscript/?bn=56367626;click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCrPyiOOMY9THMZncogPc9JLwCvbU1-NtnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBPABT9AaFC_jbWUi06y-4Q-mTk_2IJAwGLETcamnEL2A--xUstLp3q0tlkcMmV59fI1ZORirqkMg_9NiUYkdylYsis_RbBJqwEKfolaG0q25BFBrxZU1AXj8PMuCqWxJi78CudtAE7mh5KP8ru8F9sjMq3DfjslFnr5CdQN6DRjXjtnQ3zye_KudbrivBHw2NI0KE6tPp9Ab9piPVy44Fe-UB7V9YYIzbho1kqtpm-TME-rn0MXSfB2HOOp2xQ1HhfI7xJJKgaQbIzSzfUvj5lKqNkgIv6ZB54S1_FCGhsybNDicAu5VmoKwGK1bg9HoxMEqgAbM6Iunp5jN9CigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JA-u3TZs28Km8kPE--DS1klr8Ow%26client%3Dca-pub-4485239425924787%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F27660748%252F92404976%252FAGKG7OXTSH5KTAIK2L62UXRWSO3DGO2PVEHYMQOXLQ2P26CTVOJHUPNXYK6I6I3HECD6OHJ6LM7K6V7NZ7BDK35BWCIOVFHKQVT4NPOY6GXGXEHCWNIGIQU2HKFHLPL2R4R5HCWPMLXHUBDKRWDPVLUAO6VVRIV5ERMHN66JWOBOEUDY2DJWKSGUH2H2Y2EYKAOYLOLPPXCWQKDR6LPA35QPWF7X7YNLMVGIEKOPSI3ZLBA7FKNFYMYKVEYWCZUCBOZTINI6A7CWRFBBAM5K5SMJEFUMC3MLFITU3WHUQXZ3BYV3QST7GWYPB2PICX3TASW6TDNQPIEDTH6R5O2EODU7UZTO6ZJYGPH4PWFMOPG2U5TXBUGJDAQZBWQ6Y3ZEGI4ABGUF2D75RBXFXOSLQZXN42NPP4UPJOEFAU6LHB5XH7MBSYTHRXLNKI2RVY5T2TXRLTIQB6RQ5UKUMYLEWLQKEBJZONCY7JOR7WMP5FJ6ZOG27CF4QD5PQTP3XUV7MABVDZNN5HJS5PBYTGWNL5Z2TU3SVSJCPZJ6J7SFXQ6DKFJGUZHFLM3SQCDWYYSP%252F%253Frurl%253D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670624&bpp=11&bdt=2108&idt=1739&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=1&ga_vid=899201855.1670177672&ga_sid=1670177672&ga_hid=886574681&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=314711376&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C31070993%2C44770881%2C31070950&oid=2&pvsid=2769677050538043&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.atvdsnn5y3sc&fsb=1&dtd=1756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4e134faa7cf31404fe664a49ad6fc802852bd7e2867543dda94d20cba1ca8fce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1986
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C427 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670624&bpp=11&bdt=2108&idt=1739&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=1&ga_vid=899201855.1670177672&ga_sid=1670177672&ga_hid=886574681&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=314711376&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C31070993%2C44770881%2C31070950&oid=2&pvsid=2769677050538043&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.atvdsnn5y3sc&fsb=1&dtd=1756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
55215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 02:54:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C427 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670624&bpp=11&bdt=2108&idt=1739&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=1&ga_vid=899201855.1670177672&ga_sid=1670177672&ga_hid=886574681&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=314711376&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C31070993%2C44770881%2C31070950&oid=2&pvsid=2769677050538043&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.atvdsnn5y3sc&fsb=1&dtd=1756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
56037
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 02:40:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C427 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670624&bpp=11&bdt=2108&idt=1739&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=1&ga_vid=899201855.1670177672&ga_sid=1670177672&ga_hid=886574681&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=314711376&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C31070993%2C44770881%2C31070950&oid=2&pvsid=2769677050538043&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.atvdsnn5y3sc&fsb=1&dtd=1756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 18:14:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 652B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 18:14:33 GMT
log
aplogger.adpushup.com/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI4MjEyNzdfMTY3MDE3NzY3Mzc2NyIsInVzZXJJZCI6Ijk0MzI1MV8xNjcwMTc3NjczNzY3Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiODc0MDgzXzE2NzAxNzc2NzM3NjciLCJwYWdlUGF0aCI6IiUyRmElMkZodWEtdHVvLWd1LXNoZW4teWktY2FpLXlhby1zaGFuLXF1YW4teXVuLXl1LXdhLXdhLXl1Lmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGaHVhLXR1by1ndS1zaGVuLXlpLWNhaS15YW8tc2hhbi1xdWFuLXl1bi15dS13YS13YS15dS5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6Im5vUHJldmlld1BhZ2UiLCJleHBlcmltZW50UGFnZSI6ZmFsc2UsInRpbWVzdGFtcCI6MTY3MDE3NzY3Mzc2OH0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 04 Dec 2022 18:14:34 GMT
Server
nginx/1.18.0 (Ubuntu)
L2EvaHVhLXR1by1ndS1zaGVuLXlpLWNhaS15YW8tc2hhbi1xdWFuLXl1bi15dS13YS13YS15dS5odG1s.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvaHVhLXR1by1ndS1zaGVuLXlpLWNhaS15YW8tc2hhbi1xdWFuLXl1bi15dS13YS13YS15dS5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sun, 04 Dec 2022 18:14:34 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=9, origin; dur=215
content-length
555
expires
Sun, 04 Dec 2022 19:14:34 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame F43C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:34 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame F43C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:34 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame F43C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 29 Nov 2023 18:14:34 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame F43C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 29 Nov 2023 18:14:34 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame F43C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=FGkN3eDNrJgqjPDWEW-T0K5sQM6PIE0XdUIp36aIz0vb0M3rBtiacaLn8Pnbm4Qkqj4EfF0jYSSBx9YMBm0Q7quuDfZkjiCgjP3elVwcffw3yy1SgdkIPFS3rOw7VL7UaEws81zMduDIv3dyylyyWXO-2XnOB04UB-GT_cBnxKbvle-d9VLA1ehlcJQ7uhf1dSQACbP_3OQzTcd2JWOnJ9Veq8FH6zjPa1B5h4bz3F3IiE5hNGElp5eK-ZgxapQnPy0xdI_nP6u_UA99FnfGM51o1kEYE1x6-c0GX1tzSZJM1NH41_swBAFd34JB95F9tI4novbI8un6kIXoFDQMaU-w6ISdNQbxJYSNzFZtEpb0jQ2Zx2eWIpWiB6dH5cbbWhW-C9F-8vQ_DOGKqcSJOk-pOfhAknNgw5yOGFBBblMbRO46
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2651369
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame E256 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363b7808e7bcdb212b6c9c0d08d31ef22a2128168459bcbc9e3e834a2214e7ae

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame F43C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Dec 2017 12:57:30 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5a2151ba-3b68"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:34 GMT
b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame F43C 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 30 Oct 2017 21:00:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"59f792d7-7a00"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:34 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F43C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1027166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fl828nm5VVw%2Fm61E1EAFFQXUkaHFnaiRyOQdJSVORWOYHLjuFpWdjVonItmg1f14mZVUTjDmNk0QY5ODlgHAw50FdGmFlHZBrWPRiIvM0PdXW8vhyv167abVJcQTdkiIZTfVoz0u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
774685c58c43a94d-SYD
expires
Fri, 24 Nov 2023 18:14:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EBB5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
8371
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 15:55:03 GMT
expires
Mon, 04 Dec 2023 15:55:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5DEA 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
1f9589bc9008fdf8ecef5ed384fd2288ded96290a3e85ba340dc41354565f03c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FikVsMPFq3DhAip7FV1pbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-FikVsMPFq3DhAip7FV1pbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:35 GMT
expires
Sun, 04 Dec 2022 18:14:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
1f87ba80d5116f9c61731ecf915a813d8d29cf03c48d3ffea68360fc372a02ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78549
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 04 Dec 2022 18:14:35 GMT
log
aplogger.adpushup.com/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9odWEtdHVvLWd1LXNoZW4teWktY2FpLXlhby1zaGFuLXF1YW4teXVuLXl1LXdhLXdhLXl1Lmh0bWwiLCJ0aW1lIjoxNjcwMTc3Njc0MzUyfQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 04 Dec 2022 18:14:35 GMT
Server
nginx/1.18.0 (Ubuntu)
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9950 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
8371
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 15:55:03 GMT
expires
Mon, 04 Dec 2023 15:55:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6A9D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
a92db6dd3e5d507d15e34d178943ade193b93d96100adde7b8d6bd70b92a1b4a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JmmSYwgIYUJ4BiW_2FhtnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-JmmSYwgIYUJ4BiW_2FhtnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:35 GMT
expires
Sun, 04 Dec 2022 18:14:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
animejs.js
static.criteo.net/animejs/ Frame F43C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:34 GMT
afe6f18fe23241b590c6f8d584172abd_cpn_336x280_1.jpg
static.criteo.net/design/dt/77429/221123/ Frame F43C 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/77429/221123/afe6f18fe23241b590c6f8d584172abd_cpn_336x280_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
e30a2970aea56ba873dc88426b8aa97a97eae9e6c404bfce7452cc9a9f4e6fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 23 Nov 2022 14:31:20 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"637e2eb8-d350"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
54096
expires
Wed, 29 Nov 2023 18:14:35 GMT
img
pix.as.criteo.net/img/ Frame F43C 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=77429&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F3730%2F190603%2F2dff6bd7f81440d493b2b749e0ded2b5_logo_n_horizontal.png&v=3&w=668&s=KCPp5-fJJDCQ9qgTEssM5hEc
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f85b221e07f505ecdb564fb4e0311d534bb10fd16b26a4d6af26ca077cca6f40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28113476
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4512
expires
Thu, 26 Oct 2023 03:32:32 GMT
img
pix.as.criteo.net/img/ Frame F43C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_56J804-042_C_0004_al&v=3&w=400&s=o3pCFyTqmmz5RniSbUQyZH5n&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
75421959fd0e01aace5426f5cc5b434a990f84f23d4b18d764392016f25cc101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13386
expires
Sun, 04 Dec 2022 18:14:35 GMT
img
pix.as.criteo.net/img/ Frame F43C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_496606_al&v=3&w=400&s=SR-aNxe5lzwAX3VZV7yhZ0Ty&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a764d8fa0542053f90b23883eebaed46ce92833ad3d74c86f9b570f55aca0801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4756
expires
Sun, 04 Dec 2022 18:14:35 GMT
img
pix.as.criteo.net/img/ Frame F43C 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_DX9656-010_C_0001_al&v=3&w=400&s=8IZ6sZiGMCJt5NDncpXvmMFW&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0025aa08addc9008f9be153b8ed1569e0c74eb55b9d28e865d3a7be7c837a618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8672
expires
Sun, 04 Dec 2022 18:14:35 GMT
img
pix.as.criteo.net/img/ Frame F43C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_033432_al&v=3&w=400&s=EqnVne51orUUD1gQB8jygl2h&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e940c26d8c38594e38187b2432ee96e6ab0d6849f539d46ecd5dd79d0e8fe605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15172
expires
Sun, 04 Dec 2022 18:14:35 GMT
img
pix.as.criteo.net/img/ Frame F43C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_546300_al&v=3&w=400&s=kFAY1h2wgZ5ARFgbRB4CFKB7&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ba48da77676fb0fc521977986cf9d5186f7698b08214348cfae440981cbc5f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11228
expires
Sun, 04 Dec 2022 18:14:35 GMT
img
pix.as.criteo.net/img/ Frame F43C 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_526095_al&v=3&w=400&s=PzQKdSomm9NHJw_0B8XN8cyy&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b847d28ccf464711494965c769e73a17ebb04fc32dc28b4a60ec8dcd103541a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12516
expires
Sun, 04 Dec 2022 18:14:35 GMT
all
csm.as.criteo.net/ Frame F43C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=Ak0JgxxTWef3-gbVv5jyIeNbegGGNXOBjvNbT4FYLaajgEpbmN1VDPWcMughMseXCCpAE6qP-rDx_0b8yrNIv6kZDPbEdZiyh8kaDpRCaee6NqyYONaOVWnaRH-2lWRZRP4kNnn-NtRFqWNbVCoVovfjuLzBJtjG17YwLWXY02OFpqKS-v-F1jgQq09oVQwtk9osXTPBmLWnZ8Si4nVg1r8ns3Q_IsDDdc-v8eKcHRYQvFp3Do0u9mQMqmontBOEODNBaXz6GRMWCQrf&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Dec 2022 18:14:36 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F43C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:35 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame F43C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:35 GMT
bootstrap.js
s2.adform.net/stoat/626/s2.adform.net/ Frame C427 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Requested by
Host: asia.adform.net
URL: https://asia.adform.net/adfscript/?bn=56367626;click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCrPyiOOMY9THMZncogPc9JLwCvbU1-NtnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBPABT9AaFC_jbWUi06y-4Q-mTk_2IJAwGLETcamnEL2A--xUstLp3q0tlkcMmV59fI1ZORirqkMg_9NiUYkdylYsis_RbBJqwEKfolaG0q25BFBrxZU1AXj8PMuCqWxJi78CudtAE7mh5KP8ru8F9sjMq3DfjslFnr5CdQN6DRjXjtnQ3zye_KudbrivBHw2NI0KE6tPp9Ab9piPVy44Fe-UB7V9YYIzbho1kqtpm-TME-rn0MXSfB2HOOp2xQ1HhfI7xJJKgaQbIzSzfUvj5lKqNkgIv6ZB54S1_FCGhsybNDicAu5VmoKwGK1bg9HoxMEqgAbM6Iunp5jN9CigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JA-u3TZs28Km8kPE--DS1klr8Ow%26client%3Dca-pub-4485239425924787%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F27660748%252F92404976%252FAGKG7OXTSH5KTAIK2L62UXRWSO3DGO2PVEHYMQOXLQ2P26CTVOJHUPNXYK6I6I3HECD6OHJ6LM7K6V7NZ7BDK35BWCIOVFHKQVT4NPOY6GXGXEHCWNIGIQU2HKFHLPL2R4R5HCWPMLXHUBDKRWDPVLUAO6VVRIV5ERMHN66JWOBOEUDY2DJWKSGUH2H2Y2EYKAOYLOLPPXCWQKDR6LPA35QPWF7X7YNLMVGIEKOPSI3ZLBA7FKNFYMYKVEYWCZUCBOZTINI6A7CWRFBBAM5K5SMJEFUMC3MLFITU3WHUQXZ3BYV3QST7GWYPB2PICX3TASW6TDNQPIEDTH6R5O2EODU7UZTO6ZJYGPH4PWFMOPG2U5TXBUGJDAQZBWQ6Y3ZEGI4ABGUF2D75RBXFXOSLQZXN42NPP4UPJOEFAU6LHB5XH7MBSYTHRXLNKI2RVY5T2TXRLTIQB6RQ5UKUMYLEWLQKEBJZONCY7JOR7WMP5FJ6ZOG27CF4QD5PQTP3XUV7MABVDZNN5HJS5PBYTGWNL5Z2TU3SVSJCPZJ6J7SFXQ6DKFJGUZHFLM3SQCDWYYSP%252F%253Frurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8b1719d28e80205c8ce4ec2285a705276ff3bd6c2e6ba01ecb73d0a4f77b94a9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT, HIT, HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 03 Dec 2022 17:46:16 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9odWEtdHVvLWd1LXNoZW4teWktY2FpLXlhby1zaGFuLXF1YW4teXVuLXl1LXdhLXdhLXl1Lmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS1iMTNjNTVkMi0zYWMzLTQzMzItOGFkMS0zOTJhMTdlM2FkZjYiLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjBkYWJjZTM5LWQyNDktNDljMy04MmEyLTM4ZWJjOTE1YjM5ZiIsInRpbWVPZkF1Y3Rpb24iOjE2NzAxNzc2NzMyMDQsImJpZHMiOltdLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdfSx7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjBkYWJjZTM5LWQyNDktNDljMy04MmEyLTM4ZWJjOTE1YjM5ZiIsInRpbWVPZkF1Y3Rpb24iOjE2NzAxNzc2NzMyMDQsImJpZHMiOlt7ImNwbSI6MC4wMjUsImFkSWQiOiI3NTI4N2VlMzk2YzBlNDUiLCJvcmlnaW5hbENwbSI6MC4wMjUsImJpZGRlciI6Im9wZW54IiwicmV2ZW51ZSI6MC4wMDAwMjUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY1MCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2NzAxNzc2NzM4NzV9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoib3BlbngiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc1Mjg3ZWUzOTZjMGU0NSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMjV9LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjBkYWJjZTM5LWQyNDktNDljMy04MmEyLTM4ZWJjOTE1YjM5ZiIsInRpbWVPZkF1Y3Rpb24iOjE2NzAxNzc2NzMyMDQsImJpZHMiOlt7ImNwbSI6MC4wMjgsImFkSWQiOiI3NDlkMWJhYmY3YWY3OGEiLCJvcmlnaW5hbENwbSI6MC4wMjgsImJpZGRlciI6Im9wZW54IiwicmV2ZW51ZSI6MC4wMDAwMjgsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY0OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2NzAxNzc2NzM4NzR9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoib3BlbngiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc0OWQxYmFiZjdhZjc4YSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMjh9XX0%3D&c_b=9040.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:35 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame EBB5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 08:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 08:51:43 GMT
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 9950 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 08:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 08:51:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6A9D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=1170128231590072&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5DEA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022112901&jk=1967544007027456&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 9950 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UbFnbg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		258 KB
70 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=284501759771433&correlator=2983357261344199&eid=31070232&output=ldjh&gdfp_req=1&vrg=2022112901&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D749d1babf7af78a%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D75287ee396c0e45%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3Db995c848cfabdfa1-22383548bed8002c%3AT%3D1670177675%3ART%3D1670177675%3AS%3DALNI_MYpTwV_QrvzArqLS1S5kX4MVpOfJw&gpic=UID%3D00000b89ad6384dc%3AT%3D1670177675%3ART%3D1670177675%3AS%3DALNI_Mb8nlgVfrUUGy9ymcF4h6wYQNOZ-w&arp=1&abxe=1&dt=1670177675474&lmt=1670177675&dlt=1670177667186&idt=8268&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1833988877.1670177675&ga_sid=1670177675&ga_hid=3931&ga_fc=false&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
024641dad2df6d9972c954d4cc90a62b8b41ef0678a5ec243096ecdb5ed47f70
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJH1xdjI4PsCFWEj1Qod4FUDlw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11683254097880138339/ad.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJH1xdjI4PsCFWEj1Qod4FUDlw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11683254097880138339/ad.html
date
Sun, 04 Dec 2022 18:14:36 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71437
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E1CC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:35 GMT
expires
Mon, 04 Dec 2023 18:14:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame EBB5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?J5xIdw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-127.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 17:29:25 GMT
via
1.1 688d077d459126044c73cddb0faa7b3c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2712
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
cn67s3epYTK4oyrGdXY1svR2h7rcdke-DnPNoM2f3m3EJOlSJzgoxA==
/
asia.adform.net/adfserve/ Frame C427 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/adfserve/?CC=1&bn=56367626;click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCrPyiOOMY9THMZncogPc9JLwCvbU1-NtnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBPABT9AaFC_jbWUi06y-4Q-mTk_2IJAwGLETcamnEL2A--xUstLp3q0tlkcMmV59fI1ZORirqkMg_9NiUYkdylYsis_RbBJqwEKfolaG0q25BFBrxZU1AXj8PMuCqWxJi78CudtAE7mh5KP8ru8F9sjMq3DfjslFnr5CdQN6DRjXjtnQ3zye_KudbrivBHw2NI0KE6tPp9Ab9piPVy44Fe-UB7V9YYIzbho1kqtpm-TME-rn0MXSfB2HOOp2xQ1HhfI7xJJKgaQbIzSzfUvj5lKqNkgIv6ZB54S1_FCGhsybNDicAu5VmoKwGK1bg9HoxMEqgAbM6Iunp5jN9CigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0JA-u3TZs28Km8kPE--DS1klr8Ow%26client%3Dca-pub-4485239425924787%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F27660748%252F92404976%252FAGKG7OXTSH5KTAIK2L62UXRWSO3DGO2PVEHYMQOXLQ2P26CTVOJHUPNXYK6I6I3HECD6OHJ6LM7K6V7NZ7BDK35BWCIOVFHKQVT4NPOY6GXGXEHCWNIGIQU2HKFHLPL2R4R5HCWPMLXHUBDKRWDPVLUAO6VVRIV5ERMHN66JWOBOEUDY2DJWKSGUH2H2Y2EYKAOYLOLPPXCWQKDR6LPA35QPWF7X7YNLMVGIEKOPSI3ZLBA7FKNFYMYKVEYWCZUCBOZTINI6A7CWRFBBAM5K5SMJEFUMC3MLFITU3WHUQXZ3BYV3QST7GWYPB2PICX3TASW6TDNQPIEDTH6R5O2EODU7UZTO6ZJYGPH4PWFMOPG2U5TXBUGJDAQZBWQ6Y3ZEGI4ABGUF2D75RBXFXOSLQZXN42NPP4UPJOEFAU6LHB5XH7MBSYTHRXLNKI2RVY5T2TXRLTIQB6RQ5UKUMYLEWLQKEBJZONCY7JOR7WMP5FJ6ZOG27CF4QD5PQTP3XUV7MABVDZNN5HJS5PBYTGWNL5Z2TU3SVSJCPZJ6J7SFXQ6DKFJGUZHFLM3SQCDWYYSP%252F%253Frurl%253D;js=1;adfxid=1x;6756;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.bg3.co
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a036083ef5b76036f2ecefb872fd42be50f3bfa51848fbb13c12d5a83f810276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3661
expires
-1
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oebu0&_p=3931&cid=1833988877.1670177675&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670177675&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&dt=%E8%8F%AF%E4%BD%97%E7%A9%80%E7%A5%9E%E9%86%AB%E6%8E%A1%E8%97%A5%20%E5%B1%B1%E6%B3%89%E5%AD%95%E8%82%B2%E5%A8%83%E5%A8%83%E9%AD%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 19FA 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670624&bpp=11&bdt=2108&idt=1739&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=1&ga_vid=899201855.1670177672&ga_sid=1670177672&ga_hid=886574681&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=314711376&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C31070993%2C44770881%2C31070950&oid=2&pvsid=2769677050538043&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.atvdsnn5y3sc&fsb=1&dtd=1756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
35463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 08:23:33 GMT
etag
48472445140208031
expires
Mon, 05 Dec 2022 08:23:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C427 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a746e5276bb6c3e0bf2424475296a2c429a7c34e5716a8466b008cb5ba01c4c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Standard
s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame C427 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
MISS, EXPIRED, HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 05 Dec 2022 18:01:31 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 05 Dec 2022 18:14:36 GMT
container.html
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A7D5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:35 GMT
expires
Mon, 04 Dec 2023 18:14:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF3E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:35 GMT
expires
Mon, 04 Dec 2023 18:14:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BAED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022112901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:35 GMT
expires
Mon, 04 Dec 2023 18:14:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 19FA
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEL3PhijXD7a9g5iQqBxjalc&google_cver=1&google_push=ASkJ3FYnOebX9TUFzMd_fgwT7rIfkDtXdW8kU2vC_lGQPLeTJzLkkDLFTfAgHZuepX7u5a7vG2nsT0QB8e...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYnOebX9TUFzMd_fgwT7rIfkDtXdW8kU2vC_lGQPLeTJzLkkDLFTfAgHZuepX7u5a7vG2nsT0QB8eaMEEYGbKdPsCzoBwVE73V_GiF7A4ltJZ53liIr96x7e-YFJU...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYnOebX9TUFzMd_fgwT7rIfkDtXdW8kU2vC_lGQPLeTJzLkkDLFTfAgHZuepX7u5a7vG2nsT0QB8eaMEEYGbKdPsCzoBwVE73V_GiF7A4ltJZ53liIr96x7e-YFJUKBV61lSZTomZdOXd2XQcfLnIg&google_hm=S2NQeXF0bmY2YmFxajlwaVZzSzltZFhfMEg0&from_google=pc1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:37 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYnOebX9TUFzMd_fgwT7rIfkDtXdW8kU2vC_lGQPLeTJzLkkDLFTfAgHZuepX7u5a7vG2nsT0QB8eaMEEYGbKdPsCzoBwVE73V_GiF7A4ltJZ53liIr96x7e-YFJUKBV61lSZTomZdOXd2XQcfLnIg&google_hm=S2NQeXF0bmY2YmFxajlwaVZzSzltZFhfMEg0&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
asr
aid.send.microad.jp/g/ Frame 19FA 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEAU3t3dVmcX5p9YFz_ZA8Ow&google_cver=1&google_push=ASkJ3FYumTxRg9Phiiu7BTeZXnzlr7lKOkCx-60f5cCvVKLYDkyxL2SLkYFxFB7JDyIwTMQHFRzhqDnUPp0UwlDBos36KRicvincndL45K6JfDDLVRX0cPLXN8MOypm1-zmJYt0BqXQAVyk7H8vB9CglrVs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670624&bpp=11&bdt=2108&idt=1739&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=1&ga_vid=899201855.1670177672&ga_sid=1670177672&ga_hid=886574681&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=314711376&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C31070993%2C44770881%2C31070950&oid=2&pvsid=2769677050538043&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.atvdsnn5y3sc&fsb=1&dtd=1756
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 18:14:37 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 19FA
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESENbUwdAY6In6SXwP0mSL3D8&c_param1=ASkJ3FYh-qfXXFzQ-6NR3JTFPS-WYpkZtyS6OgVpXZMuyRUv2LCRvp7Zygb3Bd2zlk3vKekVpajH8nfhEN5EBDgcaPjfNSCeq_0GtbU9cgie29Qwofy...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FYh-qfXXFzQ-6NR3JTFPS-WYpkZtyS6OgVpXZMuyRUv2LCRvp7Zygb3Bd2zlk3vKekVpajH8nfhEN5EBDgcaPjfNSCeq_0GtbU9cgie29QwofyxwjvzzYtclNifXKpcn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FYh-qfXXFzQ-6NR3JTFPS-WYpkZtyS6OgVpXZMuyRUv2LCRvp7Zygb3Bd2zlk3vKekVpajH8nfhEN5EBDgcaPjfNSCeq_0GtbU9cgie29QwofyxwjvzzYtclNifXKpcn0vhGZqoheyqAdeTS5rfKDA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FYh-qfXXFzQ-6NR3JTFPS-WYpkZtyS6OgVpXZMuyRUv2LCRvp7Zygb3Bd2zlk3vKekVpajH8nfhEN5EBDgcaPjfNSCeq_0GtbU9cgie29QwofyxwjvzzYtclNifXKpcn0vhGZqoheyqAdeTS5rfKDA
date
Sun, 04 Dec 2022 18:14:37 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame 19FA
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=C-gw5d0mS_i-b9lmSE-3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=C-gw5d0mS_i-b9lmSE-3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYmjwFjyd4VqvZJhLbSCYs84Yh26WOTtxVkIvyUx37l0oSAJ8tomkp7fo5-KKIrUDoAkrlM_IUv6lWz6gJtmyamxqPtoMJXPrewlwFTQClE_NdRbA_-aj281TEgsu1yLcN8LLRj9-gXYwIoVxMMquM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=C-gw5d0mS_i-b9lmSE-3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYmjwFjyd4VqvZJhLbSCYs84Yh26WOTtxVkIvyUx37l0oSAJ8tomkp7fo5-KKIrUDoAkrlM_IUv6lWz6gJtmyamxqPtoMJXPrewlwFTQClE_NdRbA_-aj281TEgsu1yLcN8LLRj9-gXYwIoVxMMquM
date
Sun, 04 Dec 2022 18:14:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 19FA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FYIpND2OvWPJMMZ9Yj0j3efv1E3MxbmWKBLaqFNIDgOMpKhO2GQ7o0I2S1Rt19Eykcs9KoBO_pXMRQzA5oMYUtwqp4t5co6Sj40_2ZBgS_sY0sUonBIynMAPj4cZQJ...
  • https://sync.targeting.unrulymedia.com/csync/RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FYIpND2OvWPJMMZ9Yj0j...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYIpND2OvWPJMMZ9Yj0j3efv1E3MxbmWKBLaqFNIDgOMpKhO2GQ7o0I2S1Rt19Eykcs9KoBO_pXMRQzA5oMYUtwqp4t5co6Sj40_2ZBgS_sY0sUonBIynMAPj4cZQJu9aj-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYIpND2OvWPJMMZ9Yj0j3efv1E3MxbmWKBLaqFNIDgOMpKhO2GQ7o0I2S1Rt19Eykcs9KoBO_pXMRQzA5oMYUtwqp4t5co6Sj40_2ZBgS_sY0sUonBIynMAPj4cZQJu9aj-JxCmbc9AqBMYIRC9TQ&google_hm=BCxLhM_sAk_viMPf3hZ2bHM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYIpND2OvWPJMMZ9Yj0j3efv1E3MxbmWKBLaqFNIDgOMpKhO2GQ7o0I2S1Rt19Eykcs9KoBO_pXMRQzA5oMYUtwqp4t5co6Sj40_2ZBgS_sY0sUonBIynMAPj4cZQJu9aj-JxCmbc9AqBMYIRC9TQ&google_hm=BCxLhM_sAk_viMPf3hZ2bHM
date
Sun, 04 Dec 2022 18:14:38 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2c4b84cfec024fef88c3dfde16766c73004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 19FA
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEPCJSOdqeN2OeuJJ090Lzo8&google_cver=1&google_push=ASkJ3FZa7q3U1RN1YieTXoCY9GuaYS64EZVNaLxFGaTbkAUHqAlM2QTJFeArHaxEVUKNPqLf1BbidzqKv7UhplD790oXQGVxFtOcp...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZa7q3U1RN1YieTXoCY9GuaYS64EZVNaLxFGaTbkAUHqAlM2QTJFeArHaxEVUKNPqLf1BbidzqKv7UhplD790oXQGVxFtOcpi4yq_MJj65m_a7cF_DzOO5n6Ki-St...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZa7q3U1RN1YieTXoCY9GuaYS64EZVNaLxFGaTbkAUHqAlM2QTJFeArHaxEVUKNPqLf1BbidzqKv7UhplD790oXQGVxFtOcpi4yq_MJj65m_a7cF_DzOO5n6Ki-Stf4nwCbn1KzjQdGfIQ2LidN7w&google_hm=dc800114418eeeea635954311d0cf3bb
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FZa7q3U1RN1YieTXoCY9GuaYS64EZVNaLxFGaTbkAUHqAlM2QTJFeArHaxEVUKNPqLf1BbidzqKv7UhplD790oXQGVxFtOcpi4yq_MJj65m_a7cF_DzOO5n6Ki-Stf4nwCbn1KzjQdGfIQ2LidN7w&google_hm=dc800114418eeeea635954311d0cf3bb
date
Sun, 04 Dec 2022 18:14:36 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
sspsync
cksync.yahoo.co.jp/ Frame 19FA 		35 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEMnpGljeJLf4e8AzO8brwlI&google_cver=1&google_push=ASkJ3FZYQ0AD6IukwzCQpSpV24O3Xsn-Ly50OshHESTk3fA7856lm3N1MFKnq1wj0I3TE_LKO4bqUnwfiULOy-xCdbKQNtqF72C7IuCFgWqbMFsVYPNQYf0LONXgFuVMDmYFryKdLtci6WGsOwyTPzRsLSTy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670624&bpp=11&bdt=2108&idt=1739&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=1&ga_vid=899201855.1670177672&ga_sid=1670177672&ga_hid=886574681&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=314711376&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C31070993%2C44770881%2C31070950&oid=2&pvsid=2769677050538043&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.atvdsnn5y3sc&fsb=1&dtd=1756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
attr
cm.g.doubleclick.net/pixel/ Frame 19FA 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZdEZZTFUTUkuhy3I1u3zED38qqcQ73-qN_b2RMqyLCI1LSb8YdB7Al3NSgcm0UakQSXvZ_w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670624&bpp=11&bdt=2108&idt=1739&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=1&ga_vid=899201855.1670177672&ga_sid=1670177672&ga_hid=886574681&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=314711376&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C31070993%2C44770881%2C31070950&oid=2&pvsid=2769677050538043&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.atvdsnn5y3sc&fsb=1&dtd=1756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9729 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ea3fbc7b348cac9981f19ca7cbed06ef85af77ca276551b5e074dbe88c7f3285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12433
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 05 Dec 2022 18:14:36 GMT
/
asia.adform.net/csimpr/ Frame C427 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/csimpr/?bn=56367626&csi=hHaaoKfXaK0VKngSvzl-SCoekmM0e7cfo-Yc4GmGQEXrygPkIxxfk4C7D8kQVnHxXjD9GSQwrNwI1hnhALs9iN6vWmW1dlSa0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3E40 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
27b7c48c85913ebde0737def5188024fc06ed84a84f11e37c5f90c123b02088a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12511
x-xss-protection
0
11240091.js
s2.adform.net/Banners/Elements/Files/2111416/11240091/ Frame 0E1D 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/Banners/Elements/Files/2111416/11240091/11240091.js?ADFassetID=11240091&bv=513
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8c6af3eda3fb057943991e6f4cb4b09706f6fc422de9f6fd6130347e4446493e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 23:24:13 GMT
server
nginx
x-amz-request-id
tx000009b23823e03ebca98-00638b5f17-3293868f-default
etag
W/"e4cbd12b65e1415d73b367e76b1a6327"
x-cache-status
MISS, HIT, HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9729 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 18:14:36 GMT
pixel;r=1751662634;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1751662634;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-269279033-1670177675515;pbc=301861fa-c7f3-49ca-a1a2-b62c4869de5e;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1670177676759;tzo=0;ogl=;ses=f55d33df-508e-45cd-b3b1-569567ec91ab
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
css
fonts.googleapis.com/ Frame A7D5 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 17:41:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Dec 2022 18:14:37 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A7D5 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 00:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
63291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 00:39:45 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A7D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVVhei-OMY9CDJ-HG1Abgq424Ce309OJt4vqui5sQ9LzT5J84EAEguoTAM2Cr7LGF4BigAfapuPcCyAEJqQJEv7Qal6yxPuACAKgDAcgDywSqBJ4CT9DEOiP4HLJ9b9-exrIL1KEkuqAfnyrpaJrLuQKbZFvOsTJZoEcskUZUaxM3siv7GL1oNjQnzSe8qyIgyUTqHl9fOrpXr4lL_w3tTHdPpdrXvQW8NDokPh58X23SBU_4Gx-sqkaLK2FS5NOwxyjsGBmHYKE17zIz4UvQRQ9LFKKFgITUdeGE3ZdaAG01A_uDWPdTlK1HpUv7XibeJvnR9wymjQlKBoNlw968YGUIn2qO4_oqGNYuI5srurlxWogMTQ5m9xzbdNIeRVycXmunOcwybZyzBLmNnxekzPoAI49ZDXj00aeAYdtk64MhCeinTVddf_8Upa0rB2Hstjfg4_3ys2D5GF-uVsvOgQC7HRIjpgpyrfeLbFn3CF-qdMAE_KGMv54E4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9DN360BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEO3GBdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTC4gUBdAVAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=ewl3ieiype4&uach_m=[UACH]&cid=CAQSPADq26N9koUpTzMJ6Aa4fTdxcgyTFhjAkP2cux67g7zliHYo1uo_KvCZA6xWPBclf-R9cJFPdNZreWo92BgBIBM&template_id=494
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame A7D5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 15:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
9145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 15:42:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A7D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
55218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 02:54:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A7D5 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
56041
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 02:40:36 GMT
l
www.google.com/ads/measurement/ Frame A7D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsbYz7gpmf-GfWQIe3wRvIqOp_eBSfJ9BG2cVJGct-eiv5CQmLazfnVxPLS60QWBIAaCCFTC_NBbEiOWloL3CM2w0MKw
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A7D5 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 18:14:37 GMT
83de75e735dabeddf4e705de6f0a2f41.js
www.gstatic.com/mysidia/ Frame A7D5 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 05:03:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14157
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 04:29:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 01 Mar 2023 05:03:03 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A7D5 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSJ1SYK3ssSedud--XzB-_fIvl5ELtkh_DXllvGogPgAV3lRv4&usqp=CAI
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
sffe /
Resource Hash
7f55dc7390f19919a895b47cf00c75191a09028630323329d5cc40a968a8dbdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 17:39:30 GMT
x-content-type-options
nosniff
age
2107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8617
x-xss-protection
0
last-modified
Fri, 27 May 2022 09:41:10 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 04 Dec 2023 17:39:30 GMT
truncated
/ Frame A7D5 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79e3ea3976fa9edbe81670b235f4894978187f61f62a80118a26b5d43fc76e23

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn0.gstatic.com/ Frame A7D5 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRAgtMy465hSV_TZ6tiuOfodZgmH7St005JXK04o2n-Zx03jG0&usqp=CAI
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
sffe /
Resource Hash
a2a756cf5911a35290f13783316b5916d1df393cda5fe005a3f5b408e3997906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 17:27:03 GMT
x-content-type-options
nosniff
age
2854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28205
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 08:03:37 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 04 Dec 2023 17:27:03 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame A7D5 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT3bNO0wm8s9nJ0oYNWl28xUDOcm9Jpt99wwMa3KV6aLKuB17k&usqp=CAI
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f101.1e100.net
Software
sffe /
Resource Hash
9d1f4186901a9a5293204646b9c1748b495e3e4dc4b13dfe89b1cbceaf442e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 16:44:36 GMT
x-content-type-options
nosniff
age
91801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10074
x-xss-protection
0
last-modified
Sun, 08 Nov 2020 03:27:35 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 03 Dec 2023 16:44:36 GMT
13168193170346685158
tpc.googlesyndication.com/simgad/ Frame A7D5
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA6YPz4AEQsAkYsAkyCPHV65REjbm3
  • https://tpc.googlesyndication.com/simgad/13168193170346685158
43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13168193170346685158
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
29685361313686d0c22606aa8b69480617206cc3c84b4bdc77cb3376773b9c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 20:43:12 GMT
x-content-type-options
nosniff
age
77485
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43988
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 15:51:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Dec 2023 20:43:12 GMT

Redirect headers

date
Sat, 03 Dec 2022 20:43:11 GMT
x-content-type-options
nosniff
server
cafe
age
77486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/13168193170346685158
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 02 Jan 2023 20:43:11 GMT
ad.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ Frame 4127 		2 KB
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
df466acf0d08569d751ea4784c2716b0e106b5623f80ba3930e64b5a7650900e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
764
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:37 GMT
expires
Mon, 04 Dec 2023 18:14:37 GMT
last-modified
Fri, 30 Sep 2022 11:26:22 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame BF3E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqoEzi-OMY9GDJ-HG1Abgq424CYiC-eRtrJrXyL8Q29keEAEguoTAM2Cr7LGF4BigAca1gJoDyAEJqQIdbH0ZcHqlPuACAKgDAcgDSKoEpQJP0EX2npECTvvqA_gK9pDGuBrCwgkC9YyoWSqzIuvUMgzUJr8MdXaQiJfgXRF-VNKBcB6xon9yfApdXOA25LAK1a3Z8drPotF43lVHGPozRt1nwb_hM_anEshlAyzG5yzi51_b6DpIZQIX5EiwUfkQXnzYSPSLLQmfmZ0A_OtYE2AOQKaOia_BzFwX2qvUtZDL-YwqwPUhThXi_aXxEIeap0MADv_pVx8XaSf7ZQDhPFgOW9wirmROHI7bAx44Y27cAQpDMh_my6i8G-vBmy4iXkBnYtajfPgnREEMdsAauUXVsb0GvmofpPcYKCpHv1HsYku6NuRBkvHiCR5VUvj6YUjXedMQFRz_nSY5tFthPuH2gBG_U27qW26qp_lNerAYF3PrgsAEip-58P4D4AQBkgUECAQYAZIFBAgFGASgBi6AB6LK_2WoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC7sQPSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=9WkmzSfrkCw&uach_m=[UACH]&cid=CAQSPADq26N9koUpTzMJ6Aa4fTdxcgyTFhjAkP2cux67g7zliHYo1uo_KvCZA6xWPBclf-R9cJFPdNZreWo92BgBIBM&template_id=419
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame BF3E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 15:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
9145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 15:42:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BAED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-GgKi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSVAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjfEEzyZq1WJN0u85DODN-KgADynvcbX9luma7fbcU61p2MWj57_HgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=6A0KWQs174s&uach_m=[UACH]&cid=CAQSPADq26N9koUpTzMJ6Aa4fTdxcgyTFhjAkP2cux67g7zliHYo1uo_KvCZA6xWPBclf-R9cJFPdNZreWo92BgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame BAED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kI3fEfn1BnjYBGL4LRICAAAA-ONZtFtuTcMQi-OMYxFETb2WVMduFf6uABIAAA&wp=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
129343
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 865C 		143 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
321e39ddeed6917973425fc21189e51b459379ec61eab959a3858a4215a7a839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:37 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=xAxCOnQ0ehJG8olT9-YhL9DiGvuUa3lXjPzME5GyOtN-XsXwCOcKOl1XUIXL1rYG3kX8IkWBNVgSWDl1FHaX5ox6Y7UgcQeND87bmdH1OC3gnsi06tUXzpo0DW8FMvb1ZXLa-nDy0bFT0IR06Anv3YwrDujsFV6sHxJ_qYcmbckAk5pJKC5noP8DYuAUaNAqTWHG3DBLWvdsGSlCB-Vp1ntdMYBfJdf8pjRdy-_HOyIvFpeyVJEPIpokHMfye9VJtcQwTQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
69838995
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BAED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
55218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 02:54:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9835 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
35464
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 08:23:33 GMT
etag
48472445140208031
expires
Mon, 05 Dec 2022 08:23:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BAED 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
56041
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 02:40:36 GMT
l
www.google.com/ads/measurement/ Frame BAED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSN4udWotAujGLpeO9q3odBVlx5oCY0VEE1D8bjlim_qaSx9jRvULeMt2SSKHvChjuxJdK7cPTV8e-L1oJohIkny-BY2Q
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BAED 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 04:42:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
48750
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Dec 2023 04:42:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BAED 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 18:14:37 GMT
Adform.DHTML.js
s2.adform.net/banners/scripts/rmb/ Frame 0E1D 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx0000060e0239db3058fa3-0063766001-32941e2b-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT, HIT, HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
createjs.min.js
code.createjs.com/1.0.0/ Frame 0E1D 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
42.99.140.170 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-170.pacnet.net
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Sun, 04 Dec 2022 18:29:37 GMT
css
fonts.googleapis.com/ Frame 0E1D 		2 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:600&subset=latin
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
a12f64cad3e3b6dbad5d094c5ec316e18b64cbab9b4a1481e46d0afe4d707110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:14:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Dec 2022 18:14:37 GMT
index.js
s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/ Frame 0E1D 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/index.js
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f8c6274be8ab5d7dafd695c4683723ea43bc60fa25fa75d6834b4aabadc0cb2e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 23:24:13 GMT
server
nginx
x-amz-request-id
tx000000063d5b0b3355891-00638b5f18-329373d4-default
etag
W/"29b762426bc7904813be16876d37c7f6"
x-cache-status
MISS, HIT, HIT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3E40 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 18:14:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF41 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
8374
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 15:55:03 GMT
expires
Mon, 04 Dec 2023 15:55:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 05E0 		783 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
fb793fe449b3e028c3ce7965fa9bddfaf1259150f8a60e0dfb0ff7782419f49e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LUvNm2aXBVdfD4-2ZRwysw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-LUvNm2aXBVdfD4-2ZRwysw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:37 GMT
expires
Sun, 04 Dec 2022 18:14:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9835
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1&google_push=ASkJ3FYC0Et1XlS_xGycs8olUuSfw6yhfviFM6elJySxGd6EymJ1-bAwjQcNnvvzVjIDyy7izTVOAfpQPduMZ-xOyDHkWDInrTiEE...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgwMjM5NTM5NTExNjU3NDQ4Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 9835 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELgptLtCCRH6pMrK7bmq6LQ&google_cver=1&google_push=ASkJ3FboQDohENyxrSHTUFZydZwIFSL5rRwG6uOvc6EsBJl36OuaGRJMwjsVwcVw03e6hjib2_bOuzJfT4Ine43-Hg_i5J3wPsUEJ25y5zKI0kRldZzB6IzxoMcFDPHso6F8bvmv2wMDsmtZT2oOkZeMOHE
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9835
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPWzrz175wY0WqQSrIjRXGM&google_cver=1&google_push=ASkJ3Fb0oM2hoEpZGYZst3707Qz_JC0Mh6id5BY5TtpLg-bTSDvsYtjP-eDH5zvTLGWcl7k-nvAk42YjAQvLUnWF...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3Fb0oM2hoEpZGYZst3707Qz_JC0Mh6id5BY5TtpLg-bTSDvsYtjP-eDH5zvTLGWcl7k-nvAk42YjAQvLUnWFLzPCOoYv6I4c9a8biHgT2Lmmj2_hZc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3Fb0oM2hoEpZGYZst3707Qz_JC0Mh6id5BY5TtpLg-bTSDvsYtjP-eDH5zvTLGWcl7k-nvAk42YjAQvLUnWFLzPCOoYv6I4c9a8biHgT2Lmmj2_hZcPFRYiHcoODm5S8qJzaPDtDPkngX4Fsr5ZnV5o
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 04 Dec 2022 18:14:37 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x2 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3Fb0oM2hoEpZGYZst3707Qz_JC0Mh6id5BY5TtpLg-bTSDvsYtjP-eDH5zvTLGWcl7k-nvAk42YjAQvLUnWFLzPCOoYv6I4c9a8biHgT2Lmmj2_hZcPFRYiHcoODm5S8qJzaPDtDPkngX4Fsr5ZnV5o
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Dec 2022 18:14:36 GMT
pixel
cm.g.doubleclick.net/ Frame 9835
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPW4FrxHwhzqNFAK3j34-XM&google_cver=1&google_push=ASkJ3FZnh3h8tZlAnZN525OuQMxBmjP_C9tlD49loHXMDBdyRfKHz_eXJBsxKu470GE5s29P1juwMiSPS9F3FS1E7Y...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPW4FrxHwhzqNFAK3j34-XM&google_cver=1&google_push=ASkJ3FZnh3h8tZlAnZN525OuQMxBmjP_C9tlD49loHXMDBdyRfKHz_eXJBsxKu470GE5s29P1juwMiSPS9F3FS1E7Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=M2VhOGE0NWYtZmI5Ny00MjQyLTlmNzctZWRlZTllNjY1ZmRl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3ea8a45f-fb97-4242-9f77-edee9e665fde
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=M2VhOGE0NWYtZmI5Ny00MjQyLTlmNzctZWRlZTllNjY1ZmRl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3ea8a45f-fb97-4242-9f77-edee9e665fde
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=M2VhOGE0NWYtZmI5Ny00MjQyLTlmNzctZWRlZTllNjY1ZmRl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3ea8a45f-fb97-4242-9f77-edee9e665fde
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
spacer.gif
an.yandex.ru/resource/ Frame 9835
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEO6b7LeAJPEiNGcocW4YHxM?ext-param=ASkJ3Fab88LMGyno4B_YzQa1dIQBnRv1tSrY5_m4IycHZrU4T04h9iO_MEkvXH4GXxbq20jWL2IpJavXcTRs9bs4iV0xiKAo9PQWaLoRIariQdKFKDw703Ffw2FG...
  • https://an.yandex.ru/mapuid/google/CAESEO6b7LeAJPEiNGcocW4YHxM?redir-setuniq=1&ext-param=ASkJ3Fab88LMGyno4B_YzQa1dIQBnRv1tSrY5_m4IycHZrU4T04h9iO_MEkvXH4GXxbq20jWL2IpJavXcTRs9bs4iV0xiKAo9PQWaLoRIari...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEO6b7LeAJPEiNGcocW4YHxM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2023 18:14:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9835 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ic-7NX0yL7pOjVMbaIabbZg4eeMJ4qiXRCYnYkbGotG2oke48hTO34aXLy
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4127 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 16:10:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
7458
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 05 Dec 2022 16:10:19 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4127 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 12:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
20308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 05 Dec 2022 12:36:09 GMT
style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ Frame 4127 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/style.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
41112c6a967d8bd529244b94e0c117b2ae2827c419261826bb8ac5b590466945
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 04 Dec 2022 18:14:37 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1621
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 11:26:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Dec 2023 18:14:37 GMT
css
fonts.googleapis.com/ Frame 4127 		5 KB
734 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
c22d480d89accbfcdff49d03e40f8642b1f1e867492cfd13604e3cc11df78b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 18:14:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Dec 2022 18:14:37 GMT
script.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ Frame 4127 		2 KB
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/script.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
1bd5b76c27f14dcf178807f6a204ab8b42e21cb46f736d6b4b07ffad2f2d8b4b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 04 Dec 2022 18:14:37 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
544
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 11:26:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Dec 2023 18:14:37 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ Frame 4127 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
f5da9e3278a823a9d1b068c25e70c72b97f71f3d5b919793abf38422c6425490
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 04 Dec 2022 18:14:37 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9752
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 11:26:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Dec 2023 18:14:37 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 865C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:37 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 865C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 865C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 29 Nov 2023 18:14:37 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 865C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 29 Nov 2023 18:14:37 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 865C 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=lluxifqBv9eM7BbR-0a4ZqaM0xY1P_j8ftg1Rj0vfQ2EOKrYt_q5msClU-JH1zXk5IUYnKcyjrjVM7bqO1Ghb82nfPAU8tJ7VH1-4Igyn9P7oy1-wO3waqkfvnf_y2dTBea9j1wCHF1mbz6ubEo3NJFpT__VNr0J6K23H-usVjGt3KL7HJi7W50THNFBSjldfQb4dUqPWoMsvZVxPVTo-DAE6XcUH07D7seYsEHRcycTkDrIuqqW2shhfsmyNK3QN6XjzPW4NfkV5ETIjtxXIwyc7HS8ML63Kv9OVRhGzXT38vGT0amGnMIDdjasgOwFoi8ir31GKbv-74x8xU4P2tB1bwhl6uEEXRZREYqzCbcSpzjccBfnOE6spdrb1Ri3dMjQ64f4pSF2zCeju-yO8qnUjcV92TYVLSVM3pN__SRpzjZv
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1753606
expires
Mon, 26 Jul 1997 05:00:00 GMT
19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame 865C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Dec 2017 12:57:30 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5a2151ba-3b68"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:37 GMT
b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame 865C 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 30 Oct 2017 21:00:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"59f792d7-7a00"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:37 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 865C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1027168
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Nc1LPup4nidLlCPCORxZDaB0bRJB4zC%2Fymv9DoH0PHEeyVV3z9F5N06qlXXW0Sb%2BxH%2F8ufI4QcRp78Vw%2BWfKvRdwxl2iRl8s8TufH9w3LqL7jdLc1HHgaElb9ABzU5rLdsF5fkN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
774685d5ba3ba955-SYD
expires
Fri, 24 Nov 2023 18:14:37 GMT
animejs.js
static.criteo.net/animejs/ Frame 865C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:37 GMT
img
pix.as.criteo.net/img/ Frame 865C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_56J804-042_C_0004_al&v=3&w=400&s=o3pCFyTqmmz5RniSbUQyZH5n&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
75421959fd0e01aace5426f5cc5b434a990f84f23d4b18d764392016f25cc101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13386
expires
Sun, 04 Dec 2022 18:14:37 GMT
img
pix.as.criteo.net/img/ Frame 865C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_496606_al&v=3&w=400&s=SR-aNxe5lzwAX3VZV7yhZ0Ty&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a764d8fa0542053f90b23883eebaed46ce92833ad3d74c86f9b570f55aca0801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4756
expires
Sun, 04 Dec 2022 18:14:37 GMT
e17b02ed130a4e96b5cde96af00e85ee_cpn_120x600_1.jpg
static.criteo.net/design/dt/77429/221123/ Frame 865C 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/77429/221123/e17b02ed130a4e96b5cde96af00e85ee_cpn_120x600_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
4de80c8730c0a0e08bc85a916ba0b42c755bf5f9c23987335b202af765d66f20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 23 Nov 2022 14:31:20 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"637e2eb8-7d2f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
32047
expires
Wed, 29 Nov 2023 18:14:37 GMT
img
pix.as.criteo.net/img/ Frame 865C 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=77429&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F3730%2F191118%2F3fe3659104eb4da6bd5ace1f557d37fb_logo_darkbg_horizontal.png&v=3&w=236&s=fn1lw9pu4fi6VIUycujxYBwz
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
63000f1d5ddcd10ff7812cf6f2eee53820014c23995b5c2b62919fb0ce6e0a50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28110678
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7996
expires
Thu, 26 Oct 2023 02:45:56 GMT
img
pix.as.criteo.net/img/ Frame 865C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_562440_al&v=3&w=400&s=JquBGOqe1vUX6kTAEG3XSAm0&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
326876f5fc6840b5cedf84df6c1f4731c1c90341ebf7556e6e1f2f1ec3c24a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11040
expires
Sun, 04 Dec 2022 18:14:37 GMT
all
csm.as.criteo.net/ Frame 865C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=xAxCOnQ0ehJG8olT9-YhL9DiGvuUa3lXjPzME5GyOtN-XsXwCOcKOl1XUIXL1rYG3kX8IkWBNVgSWDl1FHaX5ox6Y7UgcQeND87bmdH1OC3gnsi06tUXzpo0DW8FMvb1ZXLa-nDy0bFT0IR06Anv3YwrDujsFV6sHxJ_qYcmbckAk5pJKC5noP8DYuAUaNAqTWHG3DBLWvdsGSlCB-Vp1ntdMYBfJdf8pjRdy-_HOyIvFpeyVJEPIpokHMfye9VJtcQwTQ&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Dec 2022 18:14:36 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 865C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 865C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:14:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CD8B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
35464
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 08:23:33 GMT
etag
48472445140208031
expires
Mon, 05 Dec 2022 08:23:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame DF41 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 08:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 08:51:43 GMT
truncated
/ Frame A7D5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b0fde8a39f06a9ab2072dbb9729f06a8e3ab8ea6aa1113b4f4dc4d17d9391df

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame DD22 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
1668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 17:46:49 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BF3E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
55218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 02:54:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BF3E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:40:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
56041
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 02:40:36 GMT
truncated
/ Frame BAED 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae7bcac8580f3e937c28e786c947aea636a5ebe3e7b6f57c06410cb5cb1ad057

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D89D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
8374
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 15:55:03 GMT
expires
Mon, 04 Dec 2023 15:55:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B612 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
GSE /
Resource Hash
748126b5aa983ea6de48c1f3946cbd7f578363fdea7a42a944a69d629db41ddd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OQU6_ddHiFQenltVG6A6gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-OQU6_ddHiFQenltVG6A6gQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:37 GMT
expires
Sun, 04 Dec 2022 18:14:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 652B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=1170128231590072&bg=!wcKlwobNAAbvMpMzzzI7ACkAdvg8Wl5Fp_wyoJHwJHS1LQmFGPdDnv6JH9mEdqKhx74WecB7wku3hgIAAAC2UgAAAAJoAQcKAFpfY9Ei2Kz5g26IN17mA8qvcMg2Tm6sfjW8GgeEJ4vMJSzVfrPJiTNcp9xRCnjHy4KqLZS-vgNEH3AG9E89BYhDrWz90VJtu2Z1BDYzjQ3YR8qf8I8z0rpE_leZAsUrHMefWWBOYf-XExnBmQZb3KlCNTedoyNffv5blYp1Ti4VtlHoxF3zRM7juBIqQ2aZEetnfvS0_boqhCW9nsDEcoHO_dkB3dPUgD3u1fuPhxIMPKQStXmk8BCbbLgel95Eh8RUz5Senq5XZxVzrGoEHhqzunmg_CpwP8FXmzBXdJbfLjNcvfAvVPW1faF0ctVaYMvmJEAkHd1zbQc7D4INz6Oxjo-s3hIlbfjZPwVofj-rW_Djd9nBV6EfWU09keUmFcyOhACamyCVnkLZaBVvSD_uIqwa7Rfo243nLtgOf_5lYA4CqRkZhMvrTI4DxlAwtcKferhWCMdTbJ5uu9BkmUKrbfstbo7wt1EWvczVCQZ9WtMaGdZfgqu1vgxfZvRWuZdxAgFxCgXGzDe04rOXDVqgyVGhG545lev47yL2_EAbVndD-yUBwG3mji-HHwwwbT_6ckmPSgpuk0kpEs8KhI1jZqGJBS1s8IhXvIvFKxKh_cXDeZZPcB-Zykdg9Dwjncjupz6ccySpuDgmr-2gQaUscOBbXntmlULVZqx1SAMe4wlE6pmgyXJdvnw0Hjv4EU7QJY07FHkLugj5znG1emPDJS9DDsiVE9fja_73CJGcsGNLz99BB9LmdQZlrqxbbhvbAjmcwlsy78wNoqFBcturA28UDtIsudh9d_x__FHLcKIYkrAAsHo7BLpaE-tpXWFh7x-DfbYNYhJQ4LGOgRHOLjQWOa0HOV_VHx6YFhfK60_JZXICd57R_y-nDX298gH70ZfLxMMkLWfVqwKECYTRLvOD9yzcdtWYRzWBTESusCbM-SDYthvejSwBZYksGCrgujiHxBSsc3xhWwnIWN87ZbIoQsY2tQW4pWypBjHTvv8cobCkfgf14JvLiuX0lsqS85fR9CWJN0MqIDWolxwUgI82P9iBCs_7NKONc3ouQAZO
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B06D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022112901&jk=1967544007027456&bg=!7u2l7anNAAbvMpMzzzI7ACkAdvg8WnoTwj31JvXMwAgzpbo_tPK4aq5QKd0-VyveiC-1EabkDfZBtgIAAACpUgAAAAJoAQcKAId4gJIH4hqhP3M3EyUVbCNRJPo7p0qidlDkEh3PS3BvDddqcBOdjQFo4fxzA3u1EAXIYV28YNdu1ihqtCJmkagfsIfl6vadR5BjTYiD2xhYeoK2xjyQyB-HGwmuF8iEZ5EzHK_3XF22IdYuyHy6i4qf9ivMM7l-zjnq0H9wHbqfZIoF1J3FXS2ZArRlOJuZqw_3Wu2EHPhTzckVGF4wTpGXU-2VYRCa6BFQ9cwhqTC9fVfnQxjgp43XLYGLA2IE4Raf__2IjvAq-LXIR8n0g7Qo1ykQLZp1EcUQtHwakQGeH5nRAkontWz35pBnVBxQMDVqn2Kq71NF5O1SvDtkz3SKl44SxFwKIhK7LBn-7uvUTzCQaLue5CyYW9Ze5IiyECQUHyJG1MLRNBK3h3SpSrn9YTV6uzWjb2cnDQpJ1HQzB3TpI8zjgeF9GaKs16bsZALEeQC-Bpsdci55zFMGkEN9CxN5WkGXiKxOCQMVpf7FDcwpUMU8R9kSCUFtyvZChn7gyGIMlgpbvzoWIWd5PJHoXHRa_xYXWBrn77_6CTC7BRJUCVHLOb5d5nhvCjnKAxmb02TJdI84lhxb4oGhTLrWsG_q--0ZKUH-Wv4lGRpEyudfGBZ_T_UXVSVvS1_s7EUHVSaBI4hZsQSMRLBGsBBZTBsBxSam3PVK11X6pjnU5zXVGowMwyecEjaM1lye6hAG7Ad7fRVb67rw8ioexCSnoB_eQ0anzKQ_g3Id05eG0POsgjXeBDgI-S68K_JQtzK46PgSleScCLAzXlp2cYLqx9IIGn-9BPyjB2Mhf1L6KjzlIRRfLun18sxUNgRwtaxS5774GuX_4bx65njhgIu6l0WIBguoAMSTEj18UQa_1nHwjM87tp9XmSedUABPbgxXXc99ytNTFppXNWwry-DbzgV_dksa5mmm6Pau6KnDos07KG0pBbbjHWAawvYSwFqSTh-6wHFcRbk_O02Uj2OAaiRH3zLIj6M584rVOYp5tVaASErCw_1uWu6jOdZIWl1c_jPSKDzjeTd60KARo8whoegcf8Fx4H9iBm3OPE_nFt5NYoEPu-f8wQ6qOTcPU7oTiY6kk6KJ3esvRw4MWg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 05E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1260793036798672&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame C427 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6TIG4nIorHehZpWQAj1MF2k8R70Mm0anplLNwUvk1np84UGAtX_te0Bq9gKlSuFS3nWjvf2BjT4Mnzi9bDcDFbi_V&sig=Cg0ArKJSzO4UzRylocKAEAE&cid=CAASFeRoZgw9HQ-Tust0gDkTwzH7wMRseA&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670177673259&rpt=3388&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CD8B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1&google_push=ASkJ3FYN0c-f4ql2nGFhvofj_9QSjbR17154V90vy9G43XgCwTFZdlWHSdoUNrHMYK3jkB0AwX_AVSZB0wAwGhHYa_eQTxBquNCIY...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg3NDQ1Mjk4OTE1NDUwMjQyMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFMvHLl1cdGGDwED1JeSbrY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CD8B
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELgptLtCCRH6pMrK7bmq6LQ&google_cver=1&google_push=ASkJ3FbW35hkfjalC0iPmLifd3xm7nBaH5WmtFC3jkQ0z9cwK7cTcbGgGk...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FbW35hkfjalC0iPmLifd3xm7nBaH5WmtFC3jkQ0z9cwK7cTcbGgGkKPgQpsflwRFXmijx7RGbyP7annu-MUpCNu0cZCGDgb1OoAnyOQQNK-lYoNm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FbW35hkfjalC0iPmLifd3xm7nBaH5WmtFC3jkQ0z9cwK7cTcbGgGkKPgQpsflwRFXmijx7RGbyP7annu-MUpCNu0cZCGDgb1OoAnyOQQNK-lYoNm1nrvcFxX8dH2dNS4pEkVNHrv41mQK1Kh3ugnw&google_hm=RYa2mc46-H4tBjLHPK73Ew
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=ASkJ3FbW35hkfjalC0iPmLifd3xm7nBaH5WmtFC3jkQ0z9cwK7cTcbGgGkKPgQpsflwRFXmijx7RGbyP7annu-MUpCNu0cZCGDgb1OoAnyOQQNK-lYoNm1nrvcFxX8dH2dNS4pEkVNHrv41mQK1Kh3ugnw&google_hm=RYa2mc46-H4tBjLHPK73Ew
pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CD8B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPWzrz175wY0WqQSrIjRXGM&google_cver=1&google_push=ASkJ3FZdqCYOhzsYiJqBgtlgFO6K2m4sCnbAmaD17H1Xm5BdYipxkUUShGFkG9LIlBz4yWKYbVnurNoSx7OmDoJO...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZdqCYOhzsYiJqBgtlgFO6K2m4sCnbAmaD17H1Xm5BdYipxkUUShGFkG9LIlBz4yWKYbVnurNoSx7OmDoJONNpge1jzDE6GQbyfUvvMg3QVu6YvrM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZdqCYOhzsYiJqBgtlgFO6K2m4sCnbAmaD17H1Xm5BdYipxkUUShGFkG9LIlBz4yWKYbVnurNoSx7OmDoJONNpge1jzDE6GQbyfUvvMg3QVu6YvrMo0xW4AYamPk1oLP11QSP8E0VtW2UFPOcR_QGk
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 04 Dec 2022 18:14:38 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x23 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZdqCYOhzsYiJqBgtlgFO6K2m4sCnbAmaD17H1Xm5BdYipxkUUShGFkG9LIlBz4yWKYbVnurNoSx7OmDoJONNpge1jzDE6GQbyfUvvMg3QVu6YvrMo0xW4AYamPk1oLP11QSP8E0VtW2UFPOcR_QGk
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Dec 2022 18:14:37 GMT
pixel
cm.g.doubleclick.net/ Frame CD8B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPW4FrxHwhzqNFAK3j34-XM&google_cver=1&google_push=ASkJ3Fah8W_aotQZyKN53Frmoi1hycY5lrrgyt95PBGxAPwDWXLiNcNpgdBGgM9wuzDaDyeQV2NAY_g3K8ohpq7rVx...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=M2VhOGE0NWYtZmI5Ny00MjQyLTlmNzctZWRlZTllNjY1ZmRl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3ea8a45f-fb97-4242-9f77-edee9e665fde
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=M2VhOGE0NWYtZmI5Ny00MjQyLTlmNzctZWRlZTllNjY1ZmRl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3ea8a45f-fb97-4242-9f77-edee9e665fde
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=M2VhOGE0NWYtZmI5Ny00MjQyLTlmNzctZWRlZTllNjY1ZmRl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=3ea8a45f-fb97-4242-9f77-edee9e665fde
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
spacer.gif
an.yandex.ru/resource/ Frame CD8B
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEO6b7LeAJPEiNGcocW4YHxM?ext-param=ASkJ3FZbC9tO6_17yJL9_BFZqayf0BIrec8HQqTLc5NdUarUh_i02Wab3uSijFnSAeGLL_2PFobYuRw_D8f3GpW97Q86vxVFAySn0ytKSQdBJfTFSI7LM5uelem4...
  • https://an.yandex.ru/mapuid/google/CAESEO6b7LeAJPEiNGcocW4YHxM?redir-setuniq=1&ext-param=ASkJ3FZbC9tO6_17yJL9_BFZqayf0BIrec8HQqTLc5NdUarUh_i02Wab3uSijFnSAeGLL_2PFobYuRw_D8f3GpW97Q86vxVFAySn0ytKSQdB...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEO6b7LeAJPEiNGcocW4YHxM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2023 18:14:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CD8B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdJIhEAkArqpyJhGJnZq6l98hPT-3AG43VZ4m6GWoTczRjmeusW1MkeRPE
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A7D5 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 05:53:42 GMT
x-content-type-options
nosniff
age
44456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 05:53:42 GMT
vehicle-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/ Frame 4127 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/vehicle-1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
4700d29fdf505171824ab0d136e7ce6bce2b2a3030e4f5a00f7a8a72ff5182d7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11683254097880138339/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 04 Dec 2022 18:14:37 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5148
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 11:26:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Dec 2023 18:14:37 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 4127 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 17:59:45 GMT
x-content-type-options
nosniff
age
346493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 17:59:45 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 4127 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 02:58:36 GMT
x-content-type-options
nosniff
age
314162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22504
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 02:58:36 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 4127 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 06:52:58 GMT
x-content-type-options
nosniff
age
300100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 06:52:58 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 4127 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 15:33:07 GMT
x-content-type-options
nosniff
age
268891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 15:33:07 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 4127 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 08:47:43 GMT
x-content-type-options
nosniff
age
120415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 08:47:43 GMT
generate_204
tpc.googlesyndication.com/ Frame DF41 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DdwZNw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame DD22
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:38 GMT
expires
Sun, 04 Dec 2022 18:14:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:37 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame BF3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVJwvpSUG1TOQQD2A4WHC1M5ASawCKWcFyJAwTneAE-gKg1CRVGE7wXd3_M5-ETd8cTgiIEZfqMnhmN_bckYfy3EqXLw
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF3E 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 18:14:37 GMT
truncated
/ Frame BF3E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f01f82be3cf3c7c48628663b215e40b3620adee0f35235e8fbc0b0ae71d7d7c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame D89D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 08:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 08:51:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B612 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2769677050538043&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 04 Dec 2022 18:14:37 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
413806
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		338 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a1073d2acb61c2fba86a55ec8ddc9c5f784296a6bd31d7d90904fa004df2c06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
619070
expires
0
rid
match.adsrvr.org/track/ 		108 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
b45877f190f4c596fa5b3906a34e9413a2f50a36fdc470bda9d3376c1ef73bb1

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Dec 2022 18:14:37 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 03 Jan 2023 18:14:37 GMT
sync.html
public.servenobid.com/ Frame 740E 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-66-24.yvr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
81392
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 03 Dec 2022 19:38:07 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 4201bd1d1fc37ea7749b3bd1b64fce02.cloudfront.net (CloudFront)
x-amz-cf-id
sMLmxm_O3ULpRuZRGIbUqmI6W_huRfsLnsGLXrKbb_gDvL1Ebfy_9w==
x-amz-cf-pop
YVR50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6DBC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
49388
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 04 Dec 2022 18:14:38 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 02 Dec 2022 04:31:25 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
50, 37698
X-Served-By
cache-lga13626-LGA, cache-mel11246-MEL
X-Timer
S1670177678.303543,VS0,VE0
checksync.php
contextual.media.net/ Frame C87A 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
430f033ca0fe86a158a657438d6cb42f04131f8e1022b67507da59508b7b986b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=162297
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 18:14:38 GMT
expires
Tue, 06 Dec 2022 15:19:35 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 11F0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Dec 2022 18:14:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame CFD0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
1190
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
774685d8ea46fb84-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 18:14:38 GMT
expires
Sun, 04 Dec 2022 22:14:38 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame DEEC
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
1b847bd9136c5d6ec835ff06b01c3ffa1c64ca8cdfed5af31db6118082055d78

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1143
content-type
text/html; charset=utf-8
date
Sun, 04 Dec 2022 18:14:38 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 04 Dec 2022 18:14:38 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame E10D 		533 B
631 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
86252d45b94f2714a04c68eda19f9c327c1730ca8595c66740ab0beece2c5b93

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
320
content-type
text/html
date
Sun, 04 Dec 2022 18:14:38 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame D053 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670177674244
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
50806093f98917a990e7c84ed862ca8054a4b88915734cebfc15b3d5fe3fa598
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1376
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sd
us-u.openx.net/w/1.0/ Frame E10D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 04 Dec 2022 18:14:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame E10D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=e3b45ea3-6e74-763d-fb74-7ec42c4eeda3&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3ea8a45f-fb97-4242-9f77-edee9e665fde&ttd_puid=e3b45ea3-6e74-763d-fb74-7ec42c4eeda3&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3ea8a45f-fb97-4242-9f77-edee9e665fde&ttd_puid=e3b45ea3-6e74-763d-fb74-7ec42c4eeda3&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3ea8a45f-fb97-4242-9f77-edee9e665fde&ttd_puid=e3b45ea3-6e74-763d-fb74-7ec42c4eeda3&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame E10D
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4zjjsCo8YUAACxoEFwAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4zjjsCo8YUAACxoEFwAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 04 Dec 2022 18:14:38 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.202","key":"Y4zjjsCo8YUAACxoEFwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad193"}
X-SO-Key
Y4zjjsCo8YUAACxoEFwAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad193
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4zjjsCo8YUAACxoEFwAAAAA
Cache-Control
private
X-SO-HostName
m-ad193.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-IP
116.90.74.202
sd
jp-u.openx.net/w/1.0/ Frame E10D
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab-ZLNodMjRvks8ADx3mbK5pPM8AAAGE3ljnCQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab-ZLNodMjRvks8ADx3mbK5pPM8AAAGE3ljnCQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab-ZLNodMjRvks8ADx3mbK5pPM8AAAGE3ljnCQ
cache-control
no-cache
content-length
0
x-amz-cf-id
J8yZu6DAStigC9kuSq_ZmoOXTIaaDELtXJAhYbH3yGU4wKeaj1TiQg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame E10D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2ZkYjhkNjktYTcwMy0yODk5LWVlOTQtMjQ3ZGU2YWMyM2Mz
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E10D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECs5LexOjWhwyub2RWQAE80&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECs5LexOjWhwyub2RWQAE80&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECs5LexOjWhwyub2RWQAE80&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame D89D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?os4QgA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame D731
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5443370aacb2127522f8e0c6333cad01c906bbcd510dbd352216e39bf52456e8

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
774685ddbff01c54-AKL
content-encoding
br
content-type
text/html
date
Sun, 04 Dec 2022 18:14:39 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgVgSm4lLc%2B9YXRLcLlC4naKtX0UuXraOJdOo30nIUBmS8rGPA%2BZyqp3cf6YTgNCh%2ByyAcTEFprE5VkfiSTOH3EEVv8ojwr1ulRbdg1mAwg8qtBvlvwfnAvXW7hUMd7POzn2PSTJYPAqVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
774685db5fb61c58-AKL
content-length
0
date
Sun, 04 Dec 2022 18:14:38 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STxN35Ti%2Bhj8O%2BHfSK65z%2Bod6Y7emTvWf3YFjRybpJAvpSGwsXXfjqo4U5%2FpAahhmMoaey5055yh7faq%2FsQYTnqr%2Fc8bWMMIROghwnGmVB%2FKJYbKtG2EwaJIf9kOiWcImvIlHlLfjoXUqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/match/ Frame D053
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sun, 04 Dec 2022 18:14:38 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Dec 2022 18:14:37 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D053 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame D053
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3700458788663942794
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3700458788663942794
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:38 GMT
AN-X-Request-Uuid
7b5c6e29-e46c-4b20-8e44-20aa6d0bccb3
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3700458788663942794
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D053 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=KMiUcjbBD276rSp400q0j_L2LqeWA-z6QyVMAU0x66E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D053
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhN5Y5MZLioaoM8jmYwHcZl9ifR0Mswt1cQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhN5Y5MZLioaoM8jmYwHcZl9ifR0Mswt1cQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhN5Y5MZLioaoM8jmYwHcZl9ifR0Mswt1cQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame D053 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:38 GMT
content-length
0
/
onetag-sys.com/match/ Frame D053
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCI7Hs5wGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Sun, 04 Dec 2022 18:14:39 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame D053
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WG3Ska0RULyXUihgHs2FXfzEZhERr_PnKznniR3StNU
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WG3Ska0RULyXUihgHs2FXfzEZhERr_PnKznniR3StNU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SGP12MDMA6GB16CWA90Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WG3Ska0RULyXUihgHs2FXfzEZhERr_PnKznniR3StNU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame D053 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
content-length
0
/
onetag-sys.com/match/ Frame D053
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEIkyRzO5hGlNOtzg8EGOi8&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEIkyRzO5hGlNOtzg8EGOi8&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEIkyRzO5hGlNOtzg8EGOi8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame D053 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame D053
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame D053 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670177674244
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 18:14:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 0E1D 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 05:53:51 GMT
x-content-type-options
nosniff
age
44447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12700
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 05:53:51 GMT
Layer0.jpg
s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/ Frame 0E1D 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/Layer0.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
398b6ad3f27000beaa3dc741a62da981e585b46f9bb3f0c9de11cf08c7f9e30d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:38 GMT
last-modified
Sat, 28 May 2022 23:24:13 GMT
server
nginx
x-amz-request-id
tx00000d6f37363366eb23c-00638c0c03-32940f80-default
etag
"230a51b3460bd0d50f20fbd77b1e218e"
x-cache-status
MISS, HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
37583
all
csm.as.criteo.net/ Frame 865C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=xAxCOnQ0ehJG8olT9-YhL9DiGvuUa3lXjPzME5GyOtN-XsXwCOcKOl1XUIXL1rYG3kX8IkWBNVgSWDl1FHaX5ox6Y7UgcQeND87bmdH1OC3gnsi06tUXzpo0DW8FMvb1ZXLa-nDy0bFT0IR06Anv3YwrDujsFV6sHxJ_qYcmbckAk5pJKC5noP8DYuAUaNAqTWHG3DBLWvdsGSlCB-Vp1ntdMYBfJdf8pjRdy-_HOyIvFpeyVJEPIpokHMfye9VJtcQwTQ&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Dec 2022 18:14:38 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
async_usersync
ib.adnxs.com/ Frame 6DBC 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:38 GMT
AN-X-Request-Uuid
ad8127e9-9a16-444a-b640-2be82b8a5dd5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 11F0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2dbe7465dd73540a103dc46209e8fd40dc8e2887d4d333c121c3dae4fd5e6afe

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 18:14:38 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Dec 2022 05:18:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39862
Connection
keep-alive
Content-Length
10067
Expires
Mon, 05 Dec 2022 05:19:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BAED 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQxEs-DkvK0zCP7v27KLriBU3Mt-Hl3H7D4urh_s3maTsw8xjZRPMOvPNIdcTW63BEtRDJOMIkTV1g4VXnYtkyBjYa&sig=Cg0ArKJSzC2KhHRtl4DeEAE&cid=CAASFeRoRAd2lkqURn0uVNk5XGm6SAxA6g&id=lidar2&mcvt=1002&p=300,5,900,125&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670177676292&rpt=1341&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ Frame C87A 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
246282
expires
60
usync.html
eus.rubiconproject.com/ Frame 5AB1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Dec 2022 18:14:39 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 04 Dec 2022 18:14:39 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 5649
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Drkt%26refUrl%3D%26vid%3D017767867131317927874442370...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3131792787444237000V10&type=rkt&refUrl=&vid=01776786713131792787444237000V10&ovsid=2018245963232033260
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3131792787444237000V10&type=rkt&refUrl=&vid=01776786713131792787444237000V10&ovsid=2018245963232033260
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Sun, 04 Dec 2022 18:14:40 GMT
expires
Sun, 04 Dec 2022 18:14:40 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sun, 04 Dec 2022 18:14:39 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3131792787444237000V10&type=rkt&refUrl=&vid=01776786713131792787444237000V10&ovsid=2018245963232033260
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 69D0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=38590
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 18:14:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Dec 2022 04:57:49 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame C87A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dapx%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=apx&refUrl=&vid=01776786713131792787444237000V10&ovsid=3700458788663942794
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=apx&refUrl=&vid=01776786713131792787444237000V10&ovsid=3700458788663942794
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 04 Dec 2022 18:14:39 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:38 GMT
AN-X-Request-Uuid
3a0ec968-c424-487a-91b7-f656cd4b1ea5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=apx&refUrl=&vid=01776786713131792787444237000V10&ovsid=3700458788663942794
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame C87A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3131792787444237...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3131792787444237000V10&type=opx&refUrl=&vid=01776786713131792787444237000V10&ovsid=2b98373c-c574-4cdd-983b-00aa9ea17f7f
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3131792787444237000V10&type=opx&refUrl=&vid=01776786713131792787444237000V10&ovsid=2b98373c-c574-4cdd-983b-00aa9ea17f7f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:39 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Sun, 04 Dec 2022 18:14:39 GMT

Redirect headers

date
Sun, 04 Dec 2022 18:14:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3131792787444237000V10&type=opx&refUrl=&vid=01776786713131792787444237000V10&ovsid=2b98373c-c574-4cdd-983b-00aa9ea17f7f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame C87A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dmma%26refUrl%3D%26vid%3D017767867131317927874442...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=mma&refUrl=&vid=01776786713131792787444237000V10&ovsid=daf4638c-e38e-4b00-8db6-4d838e163c4b
45 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=mma&refUrl=&vid=01776786713131792787444237000V10&ovsid=daf4638c-e38e-4b00-8db6-4d838e163c4b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 04 Dec 2022 18:14:39 GMT

Redirect headers

Date
Sun, 04 Dec 2022 18:14:38 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=mma&refUrl=&vid=01776786713131792787444237000V10&ovsid=daf4638c-e38e-4b00-8db6-4d838e163c4b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Dec 2022 18:14:37 GMT
cksync.php
contextual.media.net/ Frame C87A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dr1%26refUrl%3D%26vid%3D01776786713131792787...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7585734676
  • https://sync.1rx.io/usersync/tradedesk/3ea8a45f-fb97-4242-9f77-edee9e665fde
  • https://sync.targeting.unrulymedia.com/csync/RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=r1&refUrl=&vid=01776786713131792787444237000V10&ovsid=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=r1&refUrl=&vid=01776786713131792787444237000V10&ovsid=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 04 Dec 2022 18:14:40 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=r1&refUrl=&vid=01776786713131792787444237000V10&ovsid=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
date
Sun, 04 Dec 2022 18:14:39 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2c4b84cfec024fef88c3dfde16766c73004
content-type
text/html
cksync
cs.media.net/ Frame C87A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzEzMTc5Mjc4NzQ0NDIzNzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEObxUmh_eNTiRFUJI8vXuzI&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEObxUmh_eNTiRFUJI8vXuzI&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:39 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Sun, 04 Dec 2022 18:14:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEObxUmh_eNTiRFUJI8vXuzI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame C87A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Ddxu%26refUrl%3D%26vid%3D01776786713131792787444...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Ddxu%26refUrl%3D%26vid%3D01776786713131792...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=dxu&refUrl=&vid=01776786713131792787444237000V10&ovsid=Tdc03r9i1P1TvF5
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=dxu&refUrl=&vid=01776786713131792787444237000V10&ovsid=Tdc03r9i1P1TvF5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 04 Dec 2022 18:14:40 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:39 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0d347ca036a683313@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=dxu&refUrl=&vid=01776786713131792787444237000V10&ovsid=Tdc03r9i1P1TvF5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame C87A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b21b56d-c1a1-4a1f-8780-aef1ae259053
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b21b56d-c1a1-4a1f-8780-aef1ae259053
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 04 Dec 2022 18:14:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1b21b56d-c1a1-4a1f-8780-aef1ae259053
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9002970
content-length
0
expires
Sun, 04 Dec 2022 00:00:00 GMT
/
sync.ad-stir.com/ Frame C87A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-42TPcC5E2pmSVKeeenFQFo2b3CuDnhAhPCMT0g--~A&expires=5
  • https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=2e000137-6586-4b0e-9d6d-a85959af6d31
43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=2e000137-6586-4b0e-9d6d-a85959af6d31
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
54.199.9.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:41 GMT
cache-control
max-age=300
content-length
43
content-type
image/gif

Redirect headers

Location
//sync.ad-stir.com/?symbol=BIDSWITCH&uid=2e000137-6586-4b0e-9d6d-a85959af6d31
Date
Sun, 04 Dec 2022 18:14:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame C87A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dzem%26refUrl%3D%26vid%3D01776786713131792787444237...
  • https://stags.bluekai.com/site/23178?id=dQSB6Rymc0PHw7Hp5C4U&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLEKFJUENSSPFWWGMCQJB3TOSDQGVBTI...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=dQSB6Rymc0PHw7Hp5C4U&refUrl=&type=zem&vid=01776786713131792787444237000V10&vsid=3131792787444237000V10
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=dQSB6Rymc0PHw7Hp5C4U&refUrl=&type=zem&vid=01776786713131792787444237000V10&vsid=3131792787444237000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 04 Dec 2022 18:14:42 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=dQSB6Rymc0PHw7Hp5C4U&refUrl=&type=zem&vid=01776786713131792787444237000V10&vsid=3131792787444237000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame C87A
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3131792787444237000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3131792787444237000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=2cfe49d9-60db-483f-b8dc-183d0afd5314&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=2cfe49d9-60db-483f-b8dc-183d0afd5314&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:41 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 04 Dec 2022 18:14:41 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=2cfe49d9-60db-483f-b8dc-183d0afd5314&cs=1
Date
Sun, 04 Dec 2022 18:14:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame C87A 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Demx%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.104.91 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame C87A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3ea8a45f-fb97-4242-9f77-edee9e665fde
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3ea8a45f-fb97-4242-9f77-edee9e665fde
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:39 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Sun, 04 Dec 2022 18:14:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3ea8a45f-fb97-4242-9f77-edee9e665fde
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
Layer51.jpg
s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/ Frame 0E1D 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.adform.net/Banners/Elements/Files/2111416/11240091/bvpath_513/Layer51.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6bea380818c86e33533ac6374891866e96adb5add81d4f359c5da93aabf0d3c2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:38 GMT
last-modified
Sat, 28 May 2022 23:24:13 GMT
server
nginx
x-amz-request-id
tx0000052d50530f33ceeb9-00638a8ce1-32940f80-default
etag
"6c6aa3760c63502417807faecd8f7006"
x-cache-status
MISS, HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
25201
xuid
eb2.3lift.com/ Frame DEEC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=3ea8a45f-fb97-4242-9f77-edee9e665fde&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=3ea8a45f-fb97-4242-9f77-edee9e665fde&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 04 Dec 2022 18:14:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=3ea8a45f-fb97-4242-9f77-edee9e665fde&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame DEEC
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4NjMxMzI4Nzg2OTI2ODQ0NjY5
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame DEEC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFg9zRSAU5hRCNUpFFiCcKc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFg9zRSAU5hRCNUpFFiCcKc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 04 Dec 2022 18:14:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFg9zRSAU5hRCNUpFFiCcKc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DEEC
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4NjMxMzI4Nzg2OTI2ODQ0NjY5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4NjMxMzI4Nzg2OTI2ODQ0NjY5
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY4NjMxMzI4Nzg2OTI2ODQ0NjY5
date
Sun, 04 Dec 2022 18:14:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame DEEC
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=368631328786926844669&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=368631328786926844669&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d3784b89-8532-493d-b74b-278a5bc9d2eb&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d3784b89-8532-493d-b74b-278a5bc9d2eb&_noobservation=1&_expected_cookie=202d55c...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d3784b89-8532-493d-b74b-278a5bc9d2eb&_noobservation=1&_expected_cookie=202d55cccf644ad9b51ba3a5272add37
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.102.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sun, 04 Dec 2022 18:14:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
774685e6ffa96a48-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d3784b89-8532-493d-b74b-278a5bc9d2eb&_noobservation=1&_expected_cookie=202d55cccf644ad9b51ba3a5272add37
date
Sun, 04 Dec 2022 18:14:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
774685e57eed6a48-SYD
content-length
0
xuid
eb2.3lift.com/ Frame DEEC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=368631328786926844669&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=368631328786926844669&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=71c90ea8-9191-43c8-8e03-5d77a2350f23&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522942008261660637&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522942008261660637&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=8700f9b8-eabc-43bd-848e-c6d58f04707b&ssp=triplelift&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522942008261660637&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209270804355005565780&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522942008261660637&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2409&xuid=2e000137-6586-4b0e-9d6d-a85959af6d31&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=2e000137-6586-4b0e-9d6d-a85959af6d31&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 04 Dec 2022 18:14:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=2e000137-6586-4b0e-9d6d-a85959af6d31&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sun, 04 Dec 2022 18:14:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame DEEC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/368631328786926844669?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-gzV.z.5E2oQmNqiElSa7APZuOFlXbw.CQQIEQzV48w--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-gzV.z.5E2oQmNqiElSa7APZuOFlXbw.CQQIEQzV48w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 04 Dec 2022 18:14:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 04 Dec 2022 18:14:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-gzV.z.5E2oQmNqiElSa7APZuOFlXbw.CQQIEQzV48w--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame DEEC
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=368631328786926844669
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=368631328786926844669&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=368631328786926844669&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9ST7KZMARRFSAWGRF011
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=368631328786926844669&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame DEEC 		42 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=368631328786926844669&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 93AB99CA4A454E068DE9ECD48B62D601 Ref B: SYD03EDGE0707 Ref C: 2022-12-04T18:14:39Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame DEEC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3700458788663942794&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3700458788663942794&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 04 Dec 2022 18:14:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:39 GMT
AN-X-Request-Uuid
924999a0-c8d1-4122-83d7-0bbcc5245d8f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=3700458788663942794&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 1A0B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 08:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 08:51:43 GMT
tap.php
pixel.rubiconproject.com/ Frame 11F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi65O8AMp3VEgSizjPXSAU&google_cver=1
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi65O8AMp3VEgSizjPXSAU&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi65O8AMp3VEgSizjPXSAU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 11F0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI5T05YQlMtMTQtMVFHTg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI5T05YQlMtMTQtMVFHTg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI5T05YQlMtMTQtMVFHTg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 11F0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/w_tFNtmdoefsJiAWKd-FPsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-N0PSaDJE2oJ8C5eUDXbMOvIz1rvgZ.hSl9YmMw--~A
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-N0PSaDJE2oJ8C5eUDXbMOvIz1rvgZ.hSl9YmMw--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 04 Dec 2022 18:14:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-N0PSaDJE2oJ8C5eUDXbMOvIz1rvgZ.hSl9YmMw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 11F0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=&expires=30
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame 11F0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB9ONXBS-14-1QGN
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB9ONXBS-14-1QGN
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: EC9D34C45FAF419DBAF2B390B20A7A0B Ref B: SYD03EDGE0716 Ref C: 2022-12-04T18:14:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvBItVyd0N+uwtaKwKZg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB9ONXBS-14-1QGN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 11F0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzMyMDFiNWZmZjFmYTdiM2RlYjEwODVkZTI0N2MwMmZlMzEzNzg5Yw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzMyMDFiNWZmZjFmYTdiM2RlYjEwODVkZTI0N2MwMmZlMzEzNzg5Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzMyMDFiNWZmZjFmYTdiM2RlYjEwODVkZTI0N2MwMmZlMzEzNzg5Yw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 11F0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bFJiSe7pRv6mxPQSDQv0sA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bFJiSe7pRv6mxPQSDQv0sA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bFJiSe7pRv6mxPQSDQv0sA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AVRJV4Y65Z339DQBP9PB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bFJiSe7pRv6mxPQSDQv0sA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 11F0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Q_iapaKzSxiximba7RHdvw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Q_iapaKzSxiximba7RHdvw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Q_iapaKzSxiximba7RHdvw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
HTTP/1.1
Server
52.95.125.22 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AMDE9FHT0301PMH876TB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Q_iapaKzSxiximba7RHdvw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
13926
g2.gumgum.com/usync/ Frame 3883 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.52.64 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-52-64.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ec22911331ba5ee00be954ff32ba3ce5e13cc3b9f3741cbd8447e3866aeab1e9

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 04 Dec 2022 18:14:39 GMT
etag
W/"0c74fc6812f3c12c560d0463c7bd9c7b3"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame E73D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
2ac39c403e5813da1d9513b8b139667c4550c7cb82db4ebf3c9b4f0745f96f7f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1396
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame DBF8 		811 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
96f248a758d0719d8cebb6194ed0a88e8c7aa0355acf267b15acbe6cf4a65281

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
811
content-type
text/html
date
Sun, 04 Dec 2022 18:14:39 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4B16 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c6d940b5267ccc8c4502c2a9d4c4ac82e68bc7c9e7519b0e2fcaa973c339d2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
774685de686b1c54-AKL
content-encoding
br
content-type
text/html
date
Sun, 04 Dec 2022 18:14:39 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oz2gEG5Y%2FhESSGqAW2xGbdSxymzeOjqTGRoyMBaf7M%2FiN8S9n9akE2i2%2FBYjO5cC3rWL5KkWpyi9CxxxbzeXeKM8fg97a%2BTXCI1zjceaYiXvUr63hLshA3VXgPKMb9Y0eINYWAND7dqELg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2F8D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 18:14:39 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 04 Dec 2022 18:14:39 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0FB8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=38590
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 18:14:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Dec 2022 04:57:49 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 961B 		145 B
719 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-48.sin2.r.cloudfront.net
Software
/
Resource Hash
ee82ae7fc3b6c087f1dc0488c4787f87460d60caff37b544cc3f4001361ef717

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
145
content-type
text/html
date
Sun, 04 Dec 2022 18:14:39 GMT
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
x-amz-cf-id
TVGDfyqORHcsii0cdMRhsR3SWpMp0qvF8gsHtfoNQN_zwRvPGsRpUg==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame 740E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3700458788663942794
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3700458788663942794
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:39 GMT
AN-X-Request-Uuid
8bc304c1-e135-4ff4-86b9-c8d4dde777db
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=3700458788663942794
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 740E
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FwtGDLZH9CmTBwadRIG9QCOx
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FwtGDLZH9CmTBwadRIG9QCOx
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FwtGDLZH9CmTBwadRIG9QCOx
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 740E
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FwtGDLZH9CmTBwadRIG9QCOx
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FwtGDLZH9CmTBwadRIG9QCOx
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sun, 04 Dec 2022 18:14:40 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FwtGDLZH9CmTBwadRIG9QCOx
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
ads.servenobid.com/ Frame 740E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4273112221
  • https://sync.1rx.io/usersync/tradedesk/3ea8a45f-fb97-4242-9f77-edee9e665fde
  • https://sync.targeting.unrulymedia.com/csync/RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
  • https://ads.servenobid.com/sync?pid=321&uid=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
date
Sun, 04 Dec 2022 18:14:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2c4b84cfec024fef88c3dfde16766c73004
content-type
text/html
sync
ads.servenobid.com/ Frame 740E
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=2018245963232033270
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=2018245963232033270
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=2018245963232033270
Date
Sun, 04 Dec 2022 18:14:39 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 740E 		0
0
us
sync.go.sonobi.com/ Frame 740E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F28434%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D...
  • https://sync.go.sonobi.com/us?gdpr=1&gdpr_consent=&us_privacy=1YN-&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMW...
0
0
sync
ads.servenobid.com/ Frame 740E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
date
Sun, 04 Dec 2022 18:14:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ImgSync
image8.pubmatic.com/AdServer/ Frame 740E
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYQ____________ASpTa...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee...
  • https://prebid.a-mo.net/cchain/0/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WX...
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dtriplelift%26...
  • https://prebid.a-mo.net/cchain/3/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=triplelift&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3W...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2e000137-6586-4b0e-9d6d-a85959af6d31&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522942008261660637&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=8700f9b8-eabc-43bd-848e-c6d58f04707b&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522942008261660637&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209270804355005565780&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522942008261660637&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
sync
ads.servenobid.com/ Frame 740E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
date
Sun, 04 Dec 2022 18:14:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame D731
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4zjjkds2i99yIN7uy-JFAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELZx0vd5spCrICJhTg9H_So&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELZx0vd5spCrICJhTg9H_So&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELZx0vd5spCrICJhTg9H_So&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame D731
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0Z3TA33WYF0VNYMZWBT6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4HH0CQJAMPWY414SQTHY
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame D731
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPxooqaFnKvvKnuVIARJ4nk&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPxooqaFnKvvKnuVIARJ4nk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CD8Rd%2BnYK8OLPDvZTvPqWtjBDX4dlooyJp%2FPYYcLwAaZsDVt0eLn4OmukaqXdYmmR%2F968OtWfxA5pWBJNWkttoNN%2Fsgojmbwp6IY1wyuP%2Bawtvr6t4s7C2XBKkoE6eL4pz4fTO68LwFCRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
774685e23af11c54-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPxooqaFnKvvKnuVIARJ4nk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D731
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3ea8a45f-fb97-4242-9f77-edee9e665fde&expiration=1672769679&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3ea8a45f-fb97-4242-9f77-edee9e665fde&expiration=1672769679&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3ea8a45f-fb97-4242-9f77-edee9e665fde&expiration=1672769679&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame D731
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3700458788663942794
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3700458788663942794
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
AN-X-Request-Uuid
a24687d9-7c51-403d-8675-d3be9d2bf324
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3700458788663942794
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D731
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
54.255.4.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-4-206.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB
date
Sun, 04 Dec 2022 18:14:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame D731
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAQYuU7HGccAACFj_xQ1lw&expiration=1671387280
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAQYuU7HGccAACFj_xQ1lw&expiration=1671387280
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAQYuU7HGccAACFj_xQ1lw&expiration=1671387280
Date
Sun, 04 Dec 2022 18:14:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame D731
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=xyKVUnlL_2B8q4v5FiU5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD26DZJNLFK...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=xyKVUnlL_2B8q4v5FiU5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=xyKVUnlL_2B8q4v5FiU5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:42 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=xyKVUnlL_2B8q4v5FiU5
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame D731 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y4zjjkds2i99yIN7uy-JFAAA%264759
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
21449
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
774685e57ec3fb8c-AKL
content-length
43
expires
Mon, 05 Dec 2022 18:14:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BF3E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCW8Cyk7RI-TtmVmL2ayrYDWYX2K5b7IEdeIMIVPYKiHR0RH9u14Q2Ma-cU7nEF7H2W6bhUsX-LISDiyqVKyHs_ody8t1PfUqTDDtV3vo6KhBAY3Y2AVmaR9F-P1YQ6U4cyRw&sai=AMfl-YRGUmw7YKzPT_qBc0IXT4OXJ5d_lrzKstssAfLzJXd2fHY7gQ2WQ4UACpaWBzznrV6Z67DJ3Crmj3TTf_Oeep30_U9T1gN2oKwn_qPiruoqcNNZg3jBp8dCMcSg63Q&sig=Cg0ArKJSzOy11_DBxpNWEAE&cid=CAQSPADq26N9koUpTzMJ6Aa4fTdxcgyTFhjAkP2cux67g7zliHYo1uo_KvCZA6xWPBclf-R9cJFPdNZreWo92BgBIBM&id=lidar2&mcvt=1075&p=1110,436,1200,1164&mtos=1075,1075,1075,1075,1075&tos=1075,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670177676288&rpt=1996&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 4127 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 08:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 08:51:43 GMT
async_usersync
ib.adnxs.com/ Frame 6DBC 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:39 GMT
AN-X-Request-Uuid
c5a5f56e-53ed-49de-b5b7-5279756a13aa
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4B16 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.4.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-4-206.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 4B16
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y4zjjwABhgRkMgAp
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4zjjwABhgRkMgAp&_test=Y4zjjwABhgRkMgAp
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4zjjwABhgRkMgAp&_test=Y4zjjwABhgRkMgAp
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mel11263-MEL
pragma
no-cache
date
Sun, 04 Dec 2022 18:14:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670177680.217274,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4zjjwABhgRkMgAp&_test=Y4zjjwABhgRkMgAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 4B16
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8874452989154502422
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8874452989154502422
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8874452989154502422
pragma
no-cache
date
Sun, 04 Dec 2022 18:14:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4B16
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=daf4638c-e38e-4b00-8db6-4d838e163c4b
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=daf4638c-e38e-4b00-8db6-4d838e163c4b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 04 Dec 2022 18:14:39 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=daf4638c-e38e-4b00-8db6-4d838e163c4b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Dec 2022 18:14:38 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4B16
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPxooqaFnKvvKnuVIARJ4nk&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPxooqaFnKvvKnuVIARJ4nk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaJScovEASmdlECj6WSBRtuUFqLprvrAxz6dpA8pTRrEVzRPBY2HWOMAH8movKSfoZWRKc5ZC7dTg1%2Fvk6PO9cT%2Fsfeqpf5QhNoUTgokxl9LKq6opZSHOL7cGEWHstqMD3ZNdvWvnNUByQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
774685e29b3d1c54-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPxooqaFnKvvKnuVIARJ4nk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4B16
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GGVMGV070M1Q02FGR2E3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K1XE5ZHNJ6MAANEGRKN0
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4B16
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=o_cSDkzOT4pT408sI_4n5XRaSso
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=o_cSDkzOT4pT408sI_4n5XRaSso
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=o_cSDkzOT4pT408sI_4n5XRaSso
Date
Sun, 04 Dec 2022 18:14:40 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 4B16
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=index_exchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y4zjj8Co8YUAACxoEI0AAAAA
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y4zjj8Co8YUAACxoEI0AAAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 04 Dec 2022 18:14:39 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=index_exchange","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.202","key":"Y4zjj8Co8YUAACxoEI0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad304"}
X-SO-Key
Y4zjj8Co8YUAACxoEI0AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad304
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y4zjj8Co8YUAACxoEI0AAAAA
Cache-Control
private
X-SO-HostName
m-ad304.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-IP
116.90.74.202
sync
ads.servenobid.com/ Frame 4B16 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 0FB8 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14472645&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
4d064df1cb00507064fb069972ed2e7a6dc7d9bba61ec76708b84c06bf74a569

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 18:14:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame E73D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhN5Y6Sr2U0Ch60PwF7mGGwVlZJj_1t7Q1w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhN5Y6Sr2U0Ch60PwF7mGGwVlZJj_1t7Q1w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhN5Y6Sr2U0Ch60PwF7mGGwVlZJj_1t7Q1w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame E73D 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame E73D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEIkyRzO5hGlNOtzg8EGOi8&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEIkyRzO5hGlNOtzg8EGOi8&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEIkyRzO5hGlNOtzg8EGOi8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame E73D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sun, 04 Dec 2022 18:14:39 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x23 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Dec 2022 18:14:38 GMT
/
onetag-sys.com/match/ Frame E73D
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LB9ONXBS-14-1QGN&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LB9ONXBS-14-1QGN&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LB9ONXBS-14-1QGN&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
/
onetag-sys.com/match/ Frame E73D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3700458788663942794
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3700458788663942794
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:39 GMT
AN-X-Request-Uuid
0a23e27a-4e36-4381-89ff-095d24ab5324
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=3700458788663942794
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E73D 		42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=WG3Ska0RULyXUihgHs2FXfzEZhERr_PnKznniR3StNU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame E73D
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=7928478425872582191
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=7928478425872582191
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=7928478425872582191
date
Sun, 04 Dec 2022 18:14:39 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame E73D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WG3Ska0RULyXUihgHs2FXfzEZhERr_PnKznniR3StNU
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WG3Ska0RULyXUihgHs2FXfzEZhERr_PnKznniR3StNU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0F81E06JGHSV2MCHVPR2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=WG3Ska0RULyXUihgHs2FXfzEZhERr_PnKznniR3StNU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
SPug
image4.pubmatic.com/AdServer/ Frame E73D
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4061835968315997971
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
date
Sun, 04 Dec 2022 18:14:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame E73D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
date
Sun, 04 Dec 2022 18:14:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame E73D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
/
onetag-sys.com/match/ Frame E73D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cee840bd-5af5-499c-a769-1121227ea1cc&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 04 Dec 2022 18:14:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame E73D 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=WG3Ska0RULyXUihgHs2FXfzEZhERr_PnKznniR3StNU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
asia.adform.net/serving/unload/ Frame C427 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/serving/unload/?version=15&unload=4061835968315997971@@56367626,375452873617540223,100|1100|0|0|0|0|0|0|0||43|1|||||1|0|0|V8acoBj0tXJcPlakbYq96cztiJKs8_Hj0iWgaw3DMbD6q6AezDbN2PL_QlhaeLlf0|||11||0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
usync.js
eus.rubiconproject.com/ Frame 5AB1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2dbe7465dd73540a103dc46209e8fd40dc8e2887d4d333c121c3dae4fd5e6afe

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
content-encoding
gzip
last-modified
Sun, 04 Dec 2022 05:18:58 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=39861
content-length
10067
expires
Mon, 05 Dec 2022 05:19:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2F8D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2dbe7465dd73540a103dc46209e8fd40dc8e2887d4d333c121c3dae4fd5e6afe

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
content-encoding
gzip
last-modified
Sun, 04 Dec 2022 05:18:58 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=39861
content-length
10067
expires
Mon, 05 Dec 2022 05:19:00 GMT
match
c1.adform.net/serving/cookie/ Frame 2E80 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 04 Dec 2022 18:14:39 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6C86
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
42 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 18:14:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:39 GMT
Expires
Sun, 04 Dec 2022 18:14:38 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master nrt-pixel-x7 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
SPug
image4.pubmatic.com/AdServer/ Frame BCAD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4zjjwAADfIi3wAe&gdpr=0&gdpr_consent=&_test=Y4zjjwAADfIi3wAe
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
0
48 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
date
Sun, 04 Dec 2022 18:14:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

age
0
content-length
0
date
Sun, 04 Dec 2022 18:14:41 GMT
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
Pug
simage2.pubmatic.com/AdServer/ Frame D04D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3700458788663942794&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3700458788663942794&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 18:14:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
eac54893-7074-4bfb-a828-673d5d9e40c2
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 04 Dec 2022 18:14:39 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3700458788663942794&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 1F6F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bwKRTTwCkU10VZEaYQGESj8DzEx0CZ1Pbwe1PUzF
42 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bwKRTTwCkU10VZEaYQGESj8DzEx0CZ1Pbwe1PUzF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 18:14:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 04 Dec 2022 18:14:39 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bwKRTTwCkU10VZEaYQGESj8DzEx0CZ1Pbwe1PUzF
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
SPug
image4.pubmatic.com/AdServer/ Frame 9ECB
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y2a7kzj33yy
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
0
48 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
date
Sun, 04 Dec 2022 18:14:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

age
0
content-length
0
date
Sun, 04 Dec 2022 18:14:41 GMT
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-O3utH4NE2uWc7grSyW4Yo4XsJbvk57I-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
sync
ads.servenobid.com/ Frame 1AC4 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sun, 04 Dec 2022 18:14:39 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0FB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=C-gw5d0mS_i-b9lmSE-3qQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
date
Sun, 04 Dec 2022 18:14:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=38589
accept-ranges
bytes
content-length
5549
expires
Mon, 05 Dec 2022 04:57:49 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 0FB8
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0429f2eb6229e5f208cb045f0b8ef83b4ab1e0e401702f62ccf90431a545f2bc791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwNDI5ZjJlYjYyMjllNWYyMDhjYjA0NWYwYjhlZjgzYjRhYjFlMGU0MDE3MDJmNjJjY2Y5MDQzMWE1NDVmMmJjNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwNDI5ZjJlYjYyMjllNWYyMDhjYjA0NWYwYjhlZjgzYjRhYjFlMGU0MDE3MDJmNjJjY2Y5MDQzMWE1NDVmMmJjNzkxNDI2YjU0MTdkY2UyMRAAGgwIkMeznAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=58a2f5fe-07df-494b-bb3f-5e04fc0c866a
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=58a2f5fe-07df-494b-bb3f-5e04fc0c866a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=58a2f5fe-07df-494b-bb3f-5e04fc0c866a
date
Sun, 04 Dec 2022 18:14:41 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 0FB8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=daf4638c-e38e-4b00-8db6-4d838e163c4b
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=daf4638c-e38e-4b00-8db6-4d838e163c4b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 04 Dec 2022 18:14:39 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x14 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=daf4638c-e38e-4b00-8db6-4d838e163c4b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Dec 2022 18:14:38 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0FB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEJFODMwRTUtREQyNi00QkY4LUJFNkYtRDk2NjQ4NEZCN0E5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 18:14:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0FB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH-OZ4MiWI75KkEMEPPvo-Y&google_cver=1
42 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH-OZ4MiWI75KkEMEPPvo-Y&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 18:14:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH-OZ4MiWI75KkEMEPPvo-Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 0FB8
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1C34F62AA6CB4E31B8567C765B368ED8
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
date
Sun, 04 Dec 2022 18:14:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0FB8 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0BE830E5-DD26-4BF8-BE6F-D966484FB7A9?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.4.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-4-206.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 0FB8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 18:14:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3ea8a45f-fb97-4242-9f77-edee9e665fde&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
sodar
pagead2.googlesyndication.com/pagead/ Frame 9729 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1260793036798672&bg=!VValVhLNAAbvMpMzzzI7ACkAdvg8Wt92RL0Uh45aEa71dHfOLPB2_w8gW6gHFpP-8Agi_IkDnbM82gIAAABpUgAAAAJoAQeZAq-HXDbIK2qfvmG-XLul-GEO0TLPvKKPeJhGfa8WDjto7wxwQZC8nZFucvO_QwL7P4CN1bar0f6Dlq-vIIzpWssA1OJk9eO7kNiu4GjNSW9E_PkpKtWTmBBGk8LxeWDT9kPXljIv8YEtXuPls32r9bvhj3JUG2K9rpj8MBdUO_RlwUzlrs2yIPJTtUmbOj0o4L6K4_XQwA8diClcwUK9-oByh5ie-zBY_tJO8VkVbb20XcK0Hilr4qOdi2F0HScebfHl3bsxnwhJzV4IwzKre71ZVi2vSDRgGDXIUssoXHs2zry8f8gHbXZuaoBPN3G9ucX8GBMfXeByddnTtpE0WCCNnrxM5c_zJk-hpCNyKxiRfiKtXFUj1YsThAFuC35RqoBaAIkUEqdNtUdzAS4-ndf9o697jsD6eEZ04L5DRmlx8fKax8J3PrWD1skGbfZlhoUj2jwSNQcmJOvOf04EuYubl-6X9fS2FAIptylErnoya6PIUUP14KhX8fY2RtcoJn88XYdpN9V45WftscpRaRkZXx7pMvzpQWtzh7dL5fnzUgvJf8OHnlq6VIAOBQil1HsbWnipGe3G1qYfNo80Fo92RUNucyXaLBQ8xtj_MXAaKs7XKuEZqo4kShIYKMmejUTMsFMg-EyfLUenVxP0bSTy-WD9PAhTkA3-M-CWAITjv8nIQXwYgax22Hmp58HwlvZnjoVFSwOXGw8rvQAQEzabpkRxCD4YId-6jZ1rsoK9zkniZAU_EVF-IBQQm5yYpSkfdILSz3EHRbo2qObIfxVVJ4AlNA-2fqbz7trdnGnIH78u7xI09ew9eOkvxkYfekulJrpbWCwWRs94yRWT-Av_sDCXLbPq8VAFxg7W3SfQayy5oB4mUAcHPUwRu3IJmTp9EHJKoJzllyGMlKoECC8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
ads.servenobid.com/ Frame DBF8 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8768743804732425733&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame DBF8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3700458788663942794&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3700458788663942794&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 04 Dec 2022 18:14:39 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
AN-X-Request-Uuid
e53539bc-3f8d-4c48-88fe-d3853cf62d2b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3700458788663942794&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame DBF8
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=eigCtlPaorLRoO0WLkzKxaBkw
43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=eigCtlPaorLRoO0WLkzKxaBkw
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 04 Dec 2022 18:14:41 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Sun, 04 Dec 2022 18:14:41 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=eigCtlPaorLRoO0WLkzKxaBkw
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
um
sync.teads.tv/ Frame DBF8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=71c90ea8-9191-43c8-8e03-5d77a2350f23&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-42TPcC5E2pmSVKeeenFQFo2b3CuDnhAhPCMT0g--~A&expires=5
  • https://sync.teads.tv/um?eid=20&uid=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=&gdpr_consent=&us_privacy=
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=20&uid=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
23.73.13.34 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 04 Dec 2022 18:14:41 GMT
pragma
no-cache
date
Sun, 04 Dec 2022 18:14:41 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

Location
//sync.teads.tv/um?eid=20&uid=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 04 Dec 2022 18:14:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame DBF8
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8768743804732425733&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8768743804732425733&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
18.136.159.66 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8768743804732425733&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 04 Dec 2022 18:14:40 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cksync.php
contextual.media.net/ Frame 5AB1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LB9ONXBS-14-1QGN
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LB9ONXBS-14-1QGN
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LB9ONXBS-14-1QGN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 18:14:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 04 Dec 2022 18:14:40 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LB9ONXBS-14-1QGN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
usersync
usersync.gumgum.com/ Frame 3883
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3700458788663942794
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3700458788663942794
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:40 GMT
AN-X-Request-Uuid
9805c500-e212-48f5-928b-216a9d7d4913
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=3700458788663942794
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3883
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_53d487e6-51ea-4af5-9430-e2dcc473b07b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4061835968315997971&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=2e000137-6586-4b0e-9d6d-a85959af6d31
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=2e000137-6586-4b0e-9d6d-a85959af6d31
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=2e000137-6586-4b0e-9d6d-a85959af6d31
Date
Sun, 04 Dec 2022 18:14:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 3883
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3a8e2be3-e94c-47bf-7f19-fef28696e169$ip$116.90.74.202
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-3a8e2be3-e94c-47bf-7f19-fef28696e169$ip$116.90.74.202
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-3a8e2be3-e94c-47bf-7f19-fef28696e169$ip$116.90.74.202
Date
Sun, 04 Dec 2022 18:14:40 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 3883
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_53d487e6-51ea-4af5-9430-e2dcc473b07b&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=OvgR_4EtQ5tDcxetWQec&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2T3WM5JF6NCFORITK5CEMN4GK5CXKFSWG...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=OvgR_4EtQ5tDcxetWQec&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=OvgR_4EtQ5tDcxetWQec&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=OvgR_4EtQ5tDcxetWQec&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3883
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004&rndcb=4857944226
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=71c90ea8-9191-43c8-8e03-5d77a2350f23&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=2a45317c-0371-4c14-8686-e76856c89596&expires=1&user_group=5&ssp=adconductor&bsw_param=71c90ea8-9191-43c8-8e03-5d77a2350f23
  • https://sync.1rx.io/usersync/bidswitch/2e000137-6586-4b0e-9d6d-a85959af6d31?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:43 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
date
Sun, 04 Dec 2022 18:14:42 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2c4b84cfec024fef88c3dfde16766c73004
content-type
text/html
usersync
usersync.gumgum.com/ Frame 3883
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=t7wiqu805rRp&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=t7wiqu805rRp&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=t7wiqu805rRp&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5d75dc9fb4-fqcfd
expires
-1
cookie-sync
sync.outbrain.com/ Frame 3883
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Wvxi5VHFMkH1dbSVjDkUpzjxhTEHQSyK34pDhNe82OjzP7rymmlu_u3jmqiIUPeH%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_53d487e6-51ea-4af5-9430-e2dcc473b07b&obuid=ENC(Wvxi5VHFMkH1dbSVjDkUpzjxhTEHQSyK34pDhNe82OjzP7rymmlu_u3jmqiIUPeH)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=MuyQSg9OpBV9E088Gb5u&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=MuyQSg9OpBV9E088Gb5u&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
66.225.223.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 18:14:42 GMT
Cache-Control
no-cache
X-TraceId
0ad031074aed44a79c86f2f0d0056056
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=MuyQSg9OpBV9E088Gb5u&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
pragma
no-cache
date
Sun, 04 Dec 2022 18:14:42 GMT, Sun, 04 Dec 2022 18:14:42 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3883
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=1489fad3-4661-4e6b-9c0f-6e29e41eece5
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=1489fad3-4661-4e6b-9c0f-6e29e41eece5
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 04 Dec 2022 18:14:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=1489fad3-4661-4e6b-9c0f-6e29e41eece5
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 3883
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-0nTlOVZE2pedGlttSDSHIscjK.c18PIzrUOW~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-0nTlOVZE2pedGlttSDSHIscjK.c18PIzrUOW~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 04 Dec 2022 18:14:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-0nTlOVZE2pedGlttSDSHIscjK.c18PIzrUOW~A
content-length
0
usersync
usersync.gumgum.com/ Frame 3883
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=3df363a0-e574-4426-8c75-2396d0dbc692
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=3df363a0-e574-4426-8c75-2396d0dbc692
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=3df363a0-e574-4426-8c75-2396d0dbc692
Date
Sun, 04 Dec 2022 18:14:41 GMT
Connection
keep-alive
X-CI-RTID
afc9cc79-3ab0-4c35-a6e8-55d936844f9f
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 3883 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:41 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
591003092
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 3883 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:41 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 3883
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=95cc9698-bce1-479b-a038-71378498afa2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=95cc9698-bce1-479b-a038-71378498afa2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=95cc9698-bce1-479b-a038-71378498afa2
access-control-allow-origin
*
date
Sun, 04 Dec 2022 18:14:42 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 3883
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8768743804732425733
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8768743804732425733
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8768743804732425733
date
Sun, 04 Dec 2022 18:14:41 GMT
content-length
0
sync
ads.servenobid.com/ Frame 3883 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_53d487e6-51ea-4af5-9430-e2dcc473b07b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 2661
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-ae56chnSFmRosxJyE9VPX5JXNIjgcWXAiZxhe2WIFw
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=inm&i=ID5-ae56chnSFmRosxJyE9VPX5JXNIjgcWXAiZxhe2WIFw
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:42 GMT
Expires
0
Pragma
no-cache

Redirect headers

date
Sun, 04 Dec 2022 18:14:41 GMT
location
https://usersync.gumgum.com/usersync?b=inm&i=ID5-ae56chnSFmRosxJyE9VPX5JXNIjgcWXAiZxhe2WIFw
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 290F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=38589
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 18:14:40 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Dec 2022 04:57:49 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0CED
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=3ea8a45f-fb97-4242-9f77-edee9e665fde
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=3ea8a45f-fb97-4242-9f77-edee9e665fde
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sun, 04 Dec 2022 18:14:40 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=3ea8a45f-fb97-4242-9f77-edee9e665fde
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame A046
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:40 GMT
Expires
Sun, 04 Dec 2022 18:14:39 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master nrt-pixel-x15 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=daf4638c-e38e-4b00-8db6-4d838e163c4b&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame B18E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y4zjkAABhdNxYwAp
  • https://usersync.gumgum.com/usersync?b=atm&i=Y4zjkAABhdNxYwAp&gdpr=0&gdpr_consent=&_test=Y4zjkAABhdNxYwAp
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y4zjkAABhdNxYwAp&gdpr=0&gdpr_consent=&_test=Y4zjkAABhdNxYwAp
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 04 Dec 2022 18:14:40 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y4zjkAABhdNxYwAp&gdpr=0&gdpr_consent=&_test=Y4zjkAABhdNxYwAp
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11263-MEL
x-timer
S1670177681.629106,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame C7F0 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81M2Q0ODdlNi01MWVhLTRhZjUtOTQzMC1lMmRjYzQ3M2IwN2I=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 18:14:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame DF88 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.104.91 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 04 Dec 2022 18:14:40 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame FA8D
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y4zjj8Co8YUAACxoEI0AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y4zjj8Co8YUAACxoEI0AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 04 Dec 2022 18:14:40 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y4zjj8Co8YUAACxoEI0AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
165
X-SO-Cluster-ID
0
X-SO-HostName
m-ad304.dc4p.scaleout.jp
X-SO-IP
116.90.74.202
X-SO-Key
Y4zjj8Co8YUAACxoEI0AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.202","key":"Y4zjj8Co8YUAACxoEI0AAAAA","privacy_sensitive":false,"uid":"Y4zjj8Co8YUAACxoEI0AAAAA","upstream_id":"m-ad304"}
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-UID
Y4zjj8Co8YUAACxoEI0AAAAA
X-SO-Upstream-ID
m-ad304
usersync
usersync.gumgum.com/ Frame 24F8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y4zjjkds2i99yIN7uy-JFAAA%264759
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y4zjjkds2i99yIN7uy-JFAAA%264759
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
774685e41c611c54-AKL
content-length
0
date
Sun, 04 Dec 2022 18:14:40 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y4zjjkds2i99yIN7uy-JFAAA%264759
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APDW3WRjJbKoGvwBHNfEv5hzD8xgw%2BzHPtR3iyWDdthWqbKSzdKlaHkdkTpGilun50lfYg2Oy2JlGX9EgezzLpOLa1rIowmDJqUOg9h%2BMeNaW%2FF11OCUlYA8dph72R0xzCDcizeMgQ2iTg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame B587
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=MuyQSg9OpBV9E088Gb5u&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=MuyQSg9OpBV9E088Gb5u&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 04 Dec 2022 18:14:41 GMT Sun, 04 Dec 2022 18:14:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=MuyQSg9OpBV9E088Gb5u&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame B485
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 18:14:40 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 04 Dec 2022 18:14:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
activeview
pagead2.googlesyndication.com/pcs/ Frame A7D5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFZnANxsuJJbFu-jIVmD5bhHWBziQXH2WLPxh-b6C1kz7yh1vlGHITy5CXziUiNWOtlZQcI0t2Jp5L805kmAE_VPb_BPMJPFMFH7GNd25ytoeYFh4phSeob8kB930fiQNKlXI&sai=AMfl-YQp12NrqXMOE70xONdgBO58Tlf9rhMONFTRidPNNHRKMB7owANbSbJrU2GJeCkJSqwyGQ4_R2VsuDmAabdQ02t-uB1YEtpxPSH9299Ei_cc6tWfAyDjFPGSIvXqesU&sig=Cg0ArKJSzEs0sKwiCuq5EAE&cid=CAQSPADq26N9koUpTzMJ6Aa4fTdxcgyTFhjAkP2cux67g7zliHYo1uo_KvCZA6xWPBclf-R9cJFPdNZreWo92BgBIBM&id=lidar2&mcvt=1014&p=60,236,310,964&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670177676265&rpt=2672&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 2F8D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LB9ONXBS-14-1QGN
  • https://ads.servenobid.com/sync?pid=323&uid=LB9ONXBS-14-1QGN
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LB9ONXBS-14-1QGN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LB9ONXBS-14-1QGN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
sync
ads.servenobid.com/ Frame 961B 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=wxjVR2PtC_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2769677050538043&bg=!tbaltvLNAAbvMpMzzzI7ACkAdvg8Wjqm2jZPCm3cUSBNniVB-7a52nFy12ral2mvqflKekO5tpZIzgIAAABhUgAAAANoAQeZArnUf6eNjpWzIGXjMsM3lxtm1XkPV3occ97S3rKoM_LSDOF2IbwCgkhxShJwfXDO_GigD55YXHr5KN9BR5S9sP7dhluWpglLSd5GZS8aNRj7QQBgEPOveI_2NzdKJrjwQx1lCXsM1g_xOL_UK-RH3d9DhcksRalR6-pZNSK9iDuNUlhU4mQwwc8_2CgFZcjJ0ZK7jpJf6u2kNI9SvcS-3MFugGxP77VICrGpgyLcQ4R5yUZ1r9OrrH-S5mk72mmMueyl98M_TDEnIfIQHh1IWV4leE7qsL18OfHWdx1GtL58LeiLNnvYUZ9IyoBktl_YY9QVbpm-YcmEPpKOuoeX2PshOO3oljCU6DE_TZvD8Xk3c1-B8lRciY921DTXMem8grfzltq4nIzNJ-P2sPsKyhTVbzRiVDaZvK1m-bt3wE2TFmhKCr946okBTgsmvMQSv4jtRix5TqZen3OgKDw6W12Hl-XiNUl_kGoKFOxTPHlte-Z1CU46B5O1pD7WZNPlqaL6b3YZCTJ1bf1FXrhk93Fz8o3Mx7lByIGHta37lsbXUdwwboJm5x3EqaRafAfHrhoUOIAAY9hGzb9UYZrPaLaTpggHY66D4hfCwVDScCbX-kDqFEC23qwxTlh5fqVL96FAdxbEMWpqdP5IOzliqczeWLPxQXjVL7KlrhJUiUEL1t9EpLaymzHpFjzVoOUVvXb_aomw8OJXHBz9oPGuBhP6IGpvBKMpsNF4xK1L59BJ7EVZcc0TFxamiwPnnjddZ4WnoDIptjhj0LXkputFigKX_M5AOZ0RjJsvejB2eNBfiddy4GCH_kNKZs0nLGbj2RZP6d6MoHmFnu3SMYe7JIcFnuR1rqc1NVA0bagUbpqBXE4Tm0NiziC4EOndSRu_RpNxJfyGmq9G2reW3E5QFnAnMNpQ--C3aJBv
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame B485 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2dbe7465dd73540a103dc46209e8fd40dc8e2887d4d333c121c3dae4fd5e6afe

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:40 GMT
content-encoding
gzip
last-modified
Sun, 04 Dec 2022 05:18:58 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=39860
content-length
10067
expires
Mon, 05 Dec 2022 05:19:00 GMT
usersync
usersync.gumgum.com/ Frame B485
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LB9ONXBS-14-1QGN
  • https://usersync.gumgum.com/usersync?b=mag&i=LB9ONXBS-14-1QGN
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LB9ONXBS-14-1QGN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LB9ONXBS-14-1QGN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oebu0&_p=3931&cid=1833988877.1670177675&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1670177675&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&dt=%E8%8F%AF%E4%BD%97%E7%A9%80%E7%A5%9E%E9%86%AB%E6%8E%A1%E8%97%A5%20%E5%B1%B1%E6%B3%89%E5%AD%95%E8%82%B2%E5%A8%83%E5%A8%83%E9%AD%9A%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e17b02ed130a4e96b5cde96af00e85ee_cpn_120x600_1.jpg
static.criteo.net/design/dt/77429/221123/ Frame 865C 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/77429/221123/e17b02ed130a4e96b5cde96af00e85ee_cpn_120x600_1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
4de80c8730c0a0e08bc85a916ba0b42c755bf5f9c23987335b202af765d66f20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 23 Nov 2022 14:31:20 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"637e2eb8-7d2f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
32047
expires
Wed, 29 Nov 2023 18:14:41 GMT
/
asia.adform.net/serving/unload/ Frame C427 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/serving/unload/?version=15&unload=4061835968315997971@@56367626,375452873617540223,100|3099|0|0|0|0|0|0|0||121|1|||||1|0|0|V8acoBj0tXJcPlakbYq96cztiJKs8_Hj0iWgaw3DMbD6q6AezDbN2PL_QlhaeLlf0|||01||0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
SPug
simage4.pubmatic.com/AdServer/ Frame 0FB8 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 69D0 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54132026&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
53f72a1d76b38ce7950eacb206c4c4f8eb62b0582db3eba0d46685cbd56a2e9c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 18:14:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie
cm.adform.net/ Frame 8416
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56...
  • https://prebid.a-mo.net/cchain/4/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXp...
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99...
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 2259
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Oo4r4-lMR79_Gf7yhpbhaXRaSso
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=385bfe3b1a7c1b23&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALnO9crNjOwQM6_HdmAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

date
Sun, 04 Dec 2022 18:14:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 04 Dec 2022 18:14:44 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cookie
cm.adform.net/ Frame 08A4
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=LQYYmLcMADGsxhKEk-OMYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56...
  • https://prebid.a-mo.net/cchain/4/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXp...
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99...
0
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 54D4 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:43 GMT
Pragma
no-cache
Server
nginx
expires
-1
cm
ipac.ctnsnet.com/int/ Frame A63F 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 04 Dec 2022 18:14:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame B78B
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=a900f04cc4274ea6b5671e836b4b7c92
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 04 Dec 2022 18:14:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 04 Dec 2022 18:14:45 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pxd
dps.jp.cinarra.com/ Frame 1542 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.132.235 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Sun, 04 Dec 2022 18:14:43 GMT
cookie
cm.adform.net/ Frame 73D7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Tdc03r9i1P1TvF5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56...
  • https://prebid.a-mo.net/cchain/4/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXp...
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3CD1
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1508%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=4058437249
  • https://sync.1rx.io/usersync3/appnexus/1508/3700458788663942794?zcc=0&sspret=1&rndcb=4058437249
  • https://sync.targeting.unrulymedia.com/csync/RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 18:14:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Sun, 04 Dec 2022 18:14:43 GMT
etag
RX2c4b84cfec024fef88c3dfde16766c73004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
bridge
cm.adgrx.com/ Frame 659D 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.14.27 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Sun, 04 Dec 2022 18:14:43 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1c-delivery-3
141
match.deepintent.com/usersync/ Frame 54C6 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Sun, 04 Dec 2022 18:14:42 GMT
server
a
i.match
s.tribalfusion.com/z/ Frame 3F6B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
774685f89a96fb94-AKL
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 18:14:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
774685f6ca1efb94-AKL
content-type
text/html
date
Sun, 04 Dec 2022 18:14:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
556
cookiesync
core.iprom.net/ Frame 280B 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:44 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-7e67f6fe207e@version_1.531
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 81F2
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 04 Dec 2022 18:14:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 04 Dec 2022 18:14:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
_
ImgSync
image8.pubmatic.com/AdServer/ Frame 2166
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:1C34F62AA6CB4E31B8567C765B368ED8&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=48a1af0fb230226f&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMO73GepsLDQMI6YRNAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

date
Sun, 04 Dec 2022 18:14:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 04 Dec 2022 18:14:44 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cksync.php
contextual.media.net/ Frame C7A2 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3131792787444237000V10&type=pba&refUrl=&vid=01776786713131792787444237000V10&ovsid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Sun, 04 Dec 2022 18:14:42 GMT
expires
Sun, 04 Dec 2022 18:14:42 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
info2
uipglob.semasio.net/pubmatic/1/ Frame 69D0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
HTTP/1.1
Server
119.9.108.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:42 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:42 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 69D0
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
46.137.212.121 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.7.163
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:43 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.9.126
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 69D0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8700f9b8-eabc-43bd-848e-c6d58f04707b%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3ea8a45f-fb97-4242-9f77-edee9e665fde&ttd_puid=8700f9b8-eabc-43bd-848e-c6d58f04707b%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3ea8a45f-fb97-4242-9f77-edee9e665fde&ttd_puid=8700f9b8-eabc-43bd-848e-c6d58f04707b%2C
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H3
Server
107.178.244.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3ea8a45f-fb97-4242-9f77-edee9e665fde&ttd_puid=8700f9b8-eabc-43bd-848e-c6d58f04707b%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
ImgSync
image8.pubmatic.com/AdServer/ Frame 69D0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=2a45317c-0371-4c14-8686-e76856c89596&expires=1&user_group=5&ssp=pubmatic&bsw_param=2e000137-6586-4b0e-9d6d-a85959af6d31
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2e000137-6586-4b0e-9d6d-a85959af6d31&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5cca5054f5c120c4&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALpApZ94ck8AMj1-WjAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 04 Dec 2022 18:14:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 69D0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5e2f04a8729020c4&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJpBgqPSO9XANVh4nfAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 04 Dec 2022 18:14:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 69D0
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=10fb18e4222c20b0&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALnO9crNjOiwMH8gSaAAAAAAA&expiration=1670264083&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&...
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALnO9crNjOiwMH8gSaAAAAAAA&expiration=1670264083&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 18:14:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 18:14:43 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALnO9crNjOiwMH8gSaAAAAAAA&expiration=1670264083&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cookie
cm.adform.net/ Frame 69D0
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56...
  • https://prebid.a-mo.net/cchain/4/12688?gdpr=&gdpr_consent=&us_privacy=&A=95bd1ee5-36e1-4351-b30a-6e839ec99f56&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXp...
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99...
0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 290F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55537329&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
8f504be511c4e8c8048a00a4ab5892b940c2d32cc29a063dabd3b4a859c0dd20

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 04 Dec 2022 18:14:43 GMT
content-length
1649
content-type
text/html; charset=UTF-8
ImgSync
image8.pubmatic.com/AdServer/ Frame 37FD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1296d98c03621b23&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALnO9crNjOuANDwDO5AAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

date
Sun, 04 Dec 2022 18:14:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 04 Dec 2022 18:14:44 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 290F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8874452989154502422&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1239ffdcd8141b23&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALnO9crNjOvgMyENYWAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 04 Dec 2022 18:14:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame D12D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Oo4r4-lMR79_Gf7yhpbhaXRaSso
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=ec2f76cc7631b23&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMO73GepsLDgM2uVtxAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

date
Sun, 04 Dec 2022 18:14:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 04 Dec 2022 18:14:44 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 40AA
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=oTummR-WCSayzy5yk-OMYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2fbbe67124d820b0&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALpApZ94ck5QM8p1MEAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

date
Sun, 04 Dec 2022 18:14:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 04 Dec 2022 18:14:44 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 995A 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:44 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 290F
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5cde6196d887226f&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJpBgqPSO9LQMORxT9AAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794
42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 18:14:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 18:14:45 GMT
AN-X-Request-Uuid
fb4040b8-1de4-4a8a-86ca-b166ad87dc8d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 290F
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3700458788663942794
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:45 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 04 Dec 2022 18:14:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
ipac.ctnsnet.com/int/ Frame 1FC2 		43 B
62 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 04 Dec 2022 18:14:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame 80A5
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=99bf46fa287041a3b5475144050e62be
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7db1d72b24eb226f&is_secure=true&networkId=17100&version=1&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALpApZ94ck8QMSNWErAAAAAAA&expiration=1670264084&nuid=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 04 Dec 2022 18:14:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 04 Dec 2022 18:14:45 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pxd
dps.jp.cinarra.com/ Frame 0288 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.132.235 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Sun, 04 Dec 2022 18:14:43 GMT
usersync
usersync.gumgum.com/ Frame C172 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 04 Dec 2022 18:14:43 GMT
Expires
0
Pragma
no-cache
all
csm.as.criteo.net/ Frame F43C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=Ak0JgxxTWef3-gbVv5jyIeNbegGGNXOBjvNbT4FYLaajgEpbmN1VDPWcMughMseXCCpAE6qP-rDx_0b8yrNIv6kZDPbEdZiyh8kaDpRCaee6NqyYONaOVWnaRH-2lWRZRP4kNnn-NtRFqWNbVCoVovfjuLzBJtjG17YwLWXY02OFpqKS-v-F1jgQq09oVQwtk9osXTPBmLWnZ8Si4nVg1r8ns3Q_IsDDdc-v8eKcHRYQvFp3Do0u9mQMqmontBOEODNBaXz6GRMWCQrf&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiAAMYXYKaGmDAAD7ZFJ5UuxoiBcgqX65tQ&u=%7CCxVbjwGQUVJvcTjsZaJDqErrdNkmBBmZInW5zEy62L4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u5674SdndBUm4PD7td3GaprmbRsXE9SpvDepKYMMUTGkVSdxeFX35egc1PppAh9ywvDtrljhs35pvbsLwO-L3i1PbLNVE60RC5vHrkxsuVDgz3Fgul6z9_gBsDyD2Z4bnf0zlpbSUfsDNLA93mMmIiN68hDleNQc8tBnHt1CqxYYswol7mSjePqAghCIv2pM5AWcbETs6c2YBfpwnZW3qxil61ElxIROl_m__VpaQt1UNUD8GJaUiKbiWlT8oBtZW3PS4pX5NYnB3EkqxsuO7FjCN9jDoGocapowuOi1FK_PhzsBauvAeLM_jyiDr6jIiXAjVPqusQjFN80GWYxVxE6E-DFNHQt9ocki_xacg5MqwwkZRFyzxkT3ma_haYk67kIqcEcY0zOohYuIQ8wbr634KslTpmrN7mFwfAtJikWtSZiwR1sO-kgNJvrOYqoOoTJPEp9JzVIKnKOU6CQOfoGci4hdG8nf6fmc8eNmvFB0_hJKxK3bMUhAZMKI96vHLt-CyY_ZE0RAy8XE98Fx5yp0qrM7M4qGeKajNJPiIzXW6Z9nUNpY5vFv1-l7xCpgN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsB86iOOMY_bCMYPToQPk9oPQAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAk76NJfHyKY-qAMBqgT2AU_QAJjVYE16KTqNxH7CJEnYXuuD2TVsmOU1bzGBSr4UKrUweiXsYsb-NkuPveykQP4c_FJU12gWQ1-dtKjuzCZcL347Y6sALHGE4-nnhOjjT6a3MkeTUB2iTyKli21pQCVnMnkx4258jp8S_W52EdUucJQojRZE0oLePrdmKn6VXZKg3vJx30hHcaI0tCKq0AQP7tOkXCMcGKJTuDITcO_lriVZEdIvXpXJKHIxpGRCnynruPoCvWfZ072Q0w78kld3qYFCdyZwMUv0p2s9K-ZbE2auHzhpdAXyxGMT_gnj6VzMxyGUxgdPh0zb91m2m9G8-5-9kYAGmKKc0-2nnt0joAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1xQlMXvzVhqHqfe2bZdFJvZAnzCg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Dec 2022 18:14:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 69D0 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3131792787444237000V10%26type%3Dpba%26refUrl%3D%26vid%3D01776786713131792787444237000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all
csm.as.criteo.net/ Frame 865C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=xAxCOnQ0ehJG8olT9-YhL9DiGvuUa3lXjPzME5GyOtN-XsXwCOcKOl1XUIXL1rYG3kX8IkWBNVgSWDl1FHaX5ox6Y7UgcQeND87bmdH1OC3gnsi06tUXzpo0DW8FMvb1ZXLa-nDy0bFT0IR06Anv3YwrDujsFV6sHxJ_qYcmbckAk5pJKC5noP8DYuAUaNAqTWHG3DBLWvdsGSlCB-Vp1ntdMYBfJdf8pjRdy-_HOyIvFpeyVJEPIpokHMfye9VJtcQwTQ&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y4zjiwAJwdIK1SNhAANV4OlzdeDQ0ThBggz3AA&u=%7CjblWTFGEN74fkMUYgH%2FPsxfejqZtlYrHgOYpmV3B3U0%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40rg6vS6mnmCETFvMeMoktCgf4uukYaS2dW4p8-HqjawXKAzqSy0i6q8oWM5_0KofzFWUv8zzBaCQ0fqH79kL4Vn_iX9-4_FUtGy3v3kb0D6P8UmnXe7JMyNHG9uejt-AQfNDBIP63k2JGD9UR-l4xRj9aOi21R5c3tlNCNBBMHHziCMvneKTCLN3P_DqTIk_QZmwM0T_kAZnrDSqPUCz6Mg3Z2s-rQLz6KuMaGrKWRVygzF0RplL8YwVh_k86_hS-hTl4k3sWnwuKnfYlkjiJhl5868u6KL6nU8dpRAiMAkIpZ4sP7qLA3xxr_gWEjcIg-CCDbGfzb4XMSVERvdxdvSgQv7EZpqjNe9OJmuL_KoDqdkjo386rMoV1B2KIgqJLICfNV24MzONlwy1IEjkmDyyfxzjfDHRzGI8KGa0xKmpu0bR94-ks0Z7ApPlzBQ1NumqRqp6S8GL1Fh8mz8dYpSlh3R8FWiRiGpAV4gT5fVXD1UOe2IoTUK3MwQ7ZPSu3fv5NH7qfFC3GubtQ3OQIO5YY4nQEfNz6OlUADb1U1j1TUvS0xtQZubfZLlSXz1HP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbtRZi-OMY9KDJ-HG1Abgq424CZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAk76NJfHyKY-4AIAqAMBqgSYAk_Qq-dNSlexuQQtRDWSlGQ8hChR-5Z79ToRnYZGLZgcncdQGI_r2LcCC5bF4r6wDbnF2_ZUao-kln6UOxwAJhMSZXnhXQW5QxO9o6EBI8dl-QZt4PUJjYjs9NfbsztX2QPgUw3r5Z8Q2ncu1U5uvSnLkKdN-D5EMDVx45KV_cpFUN5QPVen1G-pdpwp0gEMBmapwJjbFkkcbJd0llLa_JZNm9ihOFuGJhoTKhB6_rYjdNn2OyXYhE1TSpxDt8FOWBx4v8bXkGxhNX0DtBdWQ8X3tng0Q8RpjE28HjRkds1IVPXrmYX5gH_KXTzC8rHjPkMSW3970e2LMr_d02Xk6SkXwOzWQ2eNMpXt536q9XZu1oNokQ63IwjgBAGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31ACApmD5QQKvaXhsQVZi0kzmHwA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Dec 2022 18:14:44 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 290F 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 18:14:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=1&gdpr_consent=&us_privacy=1YN-&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYQASIEMVlOLSrtAWh0dHBzOi8vcHJlYmlkLmEtbW8ubmV0L2NjaGFpbi8wLzI4NDM0P2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9MVlOLSZBPTk1YmQxZWU1LTM2ZTEtNDM1MS1iMzBhLTZlODM5ZWM5OWY1NiZiaWRkZXI9emV0YSZjYng9YUhSMGNITTZMeTloWkhNdWMyVnlkbVZ1YjJKcFpDNWpiMjB2YzNsdVl6OXdhV1E5TXpJM0puVnBaRDAlM0QmdWlkPXVhLTBjNWE3OTgwLWE5MjctM2UyNC1hZGEzLWRlMDAxZWEyZTA4NjICEho4AQ==
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F12688%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95bd1ee5-36e1-4351-b30a-6e839ec99f56%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontentvisibilityautostatechange object| adpushup object| ucfad_async object| ucf object| request string| paramsString object| AMP object| adRecover object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| google_reactive_ads_global_state undefined| $ undefined| jQuery function| jqAlias number| ampAdSlotIdCounter string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ggeac object| google_tag_data object| google_js_reporting_queue object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo boolean| noPreviewPage object| dataLayer function| gtag undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| quantserve function| __qc object| ezt object| _qoptions object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

118 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQv8rj8s0wCgoIgQIQv8rj8s0wCgoI4gEQv8rj8s0wCgoI5gEQv8rj8s0wCgoIhwIQv8rj8s0wCgkICRC_yuPyzTAKCQg6EL_K4_LNMAoKCIwCEL_K4_LNMAoJCF8Qv8rj8s0wCgkIHxC_yuPyzTA=
.aralego.com/ Name: sspid
Value: 68f51386-dc42-344a-be53-ce4f52f4068c
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 6e29430e-377e-45f0-b690-fd7af8ff3a0a
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 301861fa-c7f3-49ca-a1a2-b62c4869de5e
.doubleclick.net/ Name: IDE
Value: AHWqTUm_ZGrpW5EDey7WnL2KeR-grZv_j0ixTvJAQrBNAMMd_nrELn2B5OUK219Rd18
.adpushup.com/ Name: ap_uid
Value: 80d57181-73ff-11ed-8ff9-6045bd220379
.adpushup.com/ Name: ap_usid
Value: 80d57182-73ff-11ed-8ff9-6045bd220379
.openx.net/ Name: i
Value: 301861fa-c7f3-49ca-a1a2-b62c4869de5e|1670177673
.omnitagjs.com/ Name: ayl_visitor
Value: c4f40da6ee3ef8b941b3a571c544ffe3
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwiseznAY4AUABSAEQiseznAYYAA..
.adnxs.com/ Name: uuid2
Value: 3700458788663942794
.teads.tv/ Name: tt_viewer
Value: 62ee5573-4801-4185-bf67-573205a956bf
.adform.net/ Name: C
Value: 1
.rubiconproject.com/ Name: khaos
Value: LB9ONXBS-14-1QGN
.bg3.co/ Name: __gpi
Value: UID=00000b89ad6384dc:T=1670177675:RT=1670177675:S=ALNI_Mb8nlgVfrUUGy9ymcF4h6wYQNOZ-w
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1670177675.1.0.1670177675.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1833988877.1670177675
.adform.net/ Name: uid
Value: 4061835968315997971
.adform.net/ Name: TPC
Value: 1670177675861
.bg3.co/ Name: __gads
Value: ID=b995c848cfabdfa1-22383548bed8002c:T=1670177675:S=ALNI_MYpTwV_QrvzArqLS1S5kX4MVpOfJw
.quantserve.com/ Name: mc
Value: 638ce38c-d8480-df2eb-84a66
.bg3.co/ Name: __qca
Value: P0-269279033-1670177675515
.adingo.jp/ Name: ID
Value: dc800114418eeeea635954311d0cf3bb
.yahoo.co.jp/ Name: XA
Value: 94h942thoposc&sd=B&t=1670177676&u=1670177676&v=1
.yahoo.co.jp/ Name: XB
Value: 94h942thoposc&b=3&s=m5
.send.microad.jp/ Name: TR
Value: 397a2c813c0af53d3dccfde287e1904e0e56f3e4d7b8a9b1
.fout.jp/ Name: uid
Value: KcPyqtnf6baqj9piVsK9mdX_0H4
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
.uuidksinc.net/ Name: jcsuuid
Value: siCbBKRnpbsVOsrE1hpN
.adsrvr.org/ Name: TDID
Value: 3ea8a45f-fb97-4242-9f77-edee9e665fde
.turn.com/ Name: uid
Value: 8874452989154502422
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%223ea8a45f-fb97-4242-9f77-edee9e665fde%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-04T18%3A14%3A37%22%7D
.openx.net/ Name: pd
Value: v2|1670177678|jElYiuvOiahI
.mathtag.com/ Name: uuid
Value: daf4638c-e38e-4b00-8db6-4d838e163c4b
.mathtag.com/ Name: mt_mop
Value: 4:1670177678
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yandex.ru/ Name: yuidss
Value: 9400760531670177678
.yandex.ru/ Name: yandexuid
Value: 9400760531670177678
.3lift.com/ Name: tluid
Value: 368631328786926844669
.openx.net/ Name: univ_id
Value: 537072971|3ea8a45f-fb97-4242-9f77-edee9e665fde|1670177678455142
.media.net/ Name: visitor-id
Value: 3131792787444237000V10
.casalemedia.com/ Name: CMID
Value: Y4zjjkds2i99yIN7uy-JFAAA
.casalemedia.com/ Name: CMPS
Value: 4759
.casalemedia.com/ Name: CMPRO
Value: 4759
.ladsp.com/ Name: cr
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjcwMTc3Njc4fQ
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004%22%7D
.media.net/ Name: data-mm
Value: daf4638c-e38e-4b00-8db6-4d838e163c4b~~8
.media.net/ Name: data-a
Value: 3700458788663942794~~8
.ladsp.com/ Name: smn_uid
Value: KIBoBbcocR-76c_ESx2MYw8d5myuaTw
.ladsp.com/ Name: lum
Value: CInO4_LNMBIFCAMQ0AU
.bg3.co/ Name: cto_bundle
Value: dbRNzF9jdXpaNXZBSjJSJTJCZzlYeGVvb211SFJaVDhYOG81TUlUcXhLMDdLbFNRWSUyRkhJMm9mTmlFZHhUb2xwJTJGYSUyQkxYRDJjOGZwT2pZaUxSYiUyQkg0ZUpPSzJ6Q2ZlSnlZd0Roam96YjFUVzBRemFsZGMlM0Q
.bg3.co/ Name: cto_bidid
Value: 9aCi4l8lMkJzWjlseVZ1ZEVkcEtjU01jYWVTTm1hMU9FZmZicE9rZ2hxdkV6M2tkNHFIS0hiQm1yc1pLZVlpb2UyQ3FHJTJGMmhORXdudmw5dkQ4dFNEazhFMHdqN1ElM0QlM0Q
.media.net/ Name: data-o
Value: 2b98373c-c574-4cdd-983b-00aa9ea17f7f~~8
.prebid.a-mo.net/ Name: _sv3_10
Value: 1
.a-mo.net/ Name: amuid2
Value: 95bd1ee5-36e1-4351-b30a-6e839ec99f56
.prebid.a-mo.net/ Name: sd_amuid2
Value: 95bd1ee5-36e1-4351-b30a-6e839ec99f56
.criteo.com/ Name: uid
Value: 1b21b56d-c1a1-4a1f-8780-aef1ae259053
.ads.pubmatic.com/ Name: KCCH
Value: YES
.linkedin.com/ Name: li_sugr
Value: d3784b89-8532-493d-b74b-278a5bc9d2eb
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&08db23b2-6466-4802-85d4-1fb6b56c3c62"
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2782:u=1:x=1:i=1670177679:t=1670264079:v=2:sig=AQGNemj_a4KThrgnEHViDweqpKhNgfCT"
.rlcdn.com/ Name: rlas3
Value: ll7eaB+I4hQq5EOuAh4Sd53QiEecZtxLMVauJbfQ31k=
.w55c.net/ Name: wfivefivec
Value: Tdc03r9i1P1TvF5
.media.net/ Name: data-c
Value: 1b21b56d-c1a1-4a1f-8780-aef1ae259053~~1
.media.net/ Name: data-c-ts
Value: 1670177679
.pubmatic.com/ Name: DPSync3
Value: 1671321600%3A201_197%7C1670716800%3A164%7C1670198400%3A174
.media.net/ Name: data-g
Value: CAESEObxUmh_eNTiRFUJI8vXuzI~~8
.socdm.com/ Name: SOC
Value: Y4zjj8Co8YUAACxoEI0AAAAA
.bing.com/ Name: MUID
Value: 1DEE84A142BC6DF0066796D1432C6CB3
.c.bing.com/ Name: MR
Value: 0
.bidswitch.net/ Name: c
Value: 1670177679
.servenobid.com/ Name: pid_312
Value: 3700458788663942794
.w55c.net/ Name: matchmedianet
Value: 5
.smartadserver.com/ Name: pid
Value: 8768743804732425733
.gumgum.com/ Name: vst
Value: a_53d487e6-51ea-4af5-9430-e2dcc473b07b
.lijit.com/ Name: ljt_reader
Value: FwtGDLZH9CmTBwadRIG9QCOx
.quantserve.com/ Name: d
Value: EKIBDgHdJ4EO-TA
.minutemedia-prebid.com/ Name: wrvUserID
Value: wxjVR2PtC_mm
.yahoo.com/ Name: A3
Value: d=AQABBI_jjGMCEMQcxP4GOS5Kv2cSEyXw7Q8FEgEBAQE1jmOWYwAAAAAA_eMAAA&S=AQAAAvvCWudvg2ySnofY79nh6Wg
.rlcdn.com/ Name: pxrc
Value: CI/Hs5wGEgUI6AcQABIFCOhHEAASBgjtuSsQAA==
.media.net/ Name: data-ttd
Value: 3ea8a45f-fb97-4242-9f77-edee9e665fde~~1
.servenobid.com/ Name: pid_333
Value: Y4zjjkds2i99yIN7uy_JFAAAEpcAAAIB
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0MzYyNjIwNjYyNxDiM9QNy0m2NPJzKixw9SoFAFD7eS0lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0MzYyNjIwNjYyNxDiM9QNy0m2NPJzKixw9SoFAFD7eS0lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZm5gaG5uZm5paWwOAJRNoLoQAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y4zjjwABhgRkMgAp
.media.net/ Name: data-xu
Value: Tdc03r9i1P1TvF5~~8
.servenobid.com/ Name: pid_316
Value: 0BE830E5-DD26-4BF8-BE6F-D966484FB7A9
.casalemedia.com/ Name: CMTS
Value: 5006
.pubmatic.com/ Name: SyncRTB3
Value: 1671321600%3A71_54_22_8_56_3_21_247_220_13_7
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID^2^0
.pubmatic.com/ Name: pi
Value: 159706:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIotTY_q2LqzsQBRIWCgdzdng5dDUwEgsIkLfIia6LqzsQBRIXCghwdWJtYXRpYxILCKqU15Kui6s7EAUYASABKAIyCwjSkqXDxIurOxAFOAFaB3Z3Nml5cm5gAg..
.media.net/ Name: data-rk
Value: 2018245963232033260~~8
.media.net/ Name: data-r1
Value: RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004~~8
.servenobid.com/ Name: pid_317
Value: 8768743804732425733
.onetag-sys.com/ Name: OTP
Value: dOQij7Rf72-3zBblX2Rw4iyJVcOoMWHnfh8N8aWpfw8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2c4b84cf-ec02-4fef-88c3-dfde16766c73-004%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.bidr.io/ Name: checkForPermission
Value: ok
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~28nu:194o~28nu"
.adsymptotic.com/ Name: U
Value: 202d55cccf644ad9b51ba3a5272add37
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKuArNONKkt33Xrd8oPN4aCcT7C6NTbijS7qkQXGsm6ditzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.bidswitch.net/ Name: tuuid
Value: 2e000137-6586-4b0e-9d6d-a85959af6d31
.bidswitch.net/ Name: tuuid_lu
Value: 1670177680
.media.net/ Name: data-r
Value: LB9ONXBS-14-1QGN~~1
.servenobid.com/ Name: pid_348
Value: wxjVR2PtC_mm
.servenobid.com/ Name: pid_337
Value: y-soI6jhVE2uETpDo3u.pklSiZHdv.VuVcvdyhnRM-~A
.amazon-adsystem.com/ Name: ad-id
Value: A_17bg334kMGvsGcDtTPV-w|t
.ambientdsp.com/ Name: _aGeoIp
Value: NZ-Auckland
.ambientdsp.com/ Name: _aUID
Value: y2a7kzj33yy
.servenobid.com/ Name: pid_324
Value: 2018245963232033270

27 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/4eac425849d763bfb1a39d41a7528fa2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/40facc546a1e990c621627200b6c9d8a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/aacf8f086c760aa7466434b4b9bed4ef.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/d135e03e834c8adacbda67302fb6a13b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202206/a8afac1ba0c24b16646ddd719427619f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/b4d131f406950b72ef791515c1555911.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/7ddc017281b952abcb6fbbff4ce3c76f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/8eadaaaeba62620686b62a14ab61a0db.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a73c14cd09d0c8e890e8f159f84089d4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/9d01266bdc37e76f2caf4a843ef28d8b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202104/0a0de8769dd744c6476d9dfbd5efd8ef.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/b50d3677c379b8c95a1386d41d992b11.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/baf54d872106f347a0bf476292460863.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/626045907fbbe78e4d97d2cb38798866.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/b03ab2a5d36006b92913982845e7b765.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/cf9c429bf478cce978c710e685583c03.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202110/f8e1ec2c24335c70d4e83c2f8a157255.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202110/504dc3559b51b81aa3f4a3dfcea4522f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/85ae1158ea36f4c8cdf2060b7dc6b935.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202111/7466f9224b7be4a5c08872c6e6837640.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202112/fdc24baede2eb32cb964bd23ef4a539e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/f4588fb031314b282a6962f4ee0c670f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202203/483e9ce8aaa3552c93446dab39418cf9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670177672&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhua-tuo-gu-shen-yi-cai-yao-shan-quan-yun-yu-wa-wa-yu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670177670444&bpp=13&bdt=1912&idt=1671&shv=r20221110&mjsv=m202211150101&ptt=5&saldr=sa&correlator=7556808221017&frm=23&ife=1&pv=2&ga_vid=58647860.1670177672&ga_sid=1670177672&ga_hid=704215445&ga_fc=0&ga_cid=amp-N-iFY2TlSrFrOKvn2v4WgA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2728&biw=1600&bih=1200&isw=336&ish=280&ifk=2645147040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44769305&oid=2&pvsid=1260793036798672&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.entewpu2fqze&btvi=1&fsb=1&dtd=1688
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvaHVhLXR1by1ndS1zaGVuLXlpLWNhaS15YW8tc2hhbi1xdWFuLXl1bi15dS13YS13YS15dS5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEMnpGljeJLf4e8AzO8brwlI&google_cver=1&google_push=ASkJ3FZYQ0AD6IukwzCQpSpV24O3Xsn-Ly50OshHESTk3fA7856lm3N1MFKnq1wj0I3TE_LKO4bqUnwfiULOy-xCdbKQNtqF72C7IuCFgWqbMFsVYPNQYf0LONXgFuVMDmYFryKdLtci6WGsOwyTPzRsLSTy
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/11683254097880138339/ad.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

781a1f482e95e08681cadbc88556adb5.safeframe.googlesyndication.com
9729d5087ff818b0b79a62ce4bdbce37.safeframe.googlesyndication.com
a.audrte.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.co.nz
adservice.google.com
aid.send.microad.jp
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
asia.adform.net
b1-sindc1.zemanta.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cksync.yahoo.co.jp
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d-7704976793518555037.ampproject.net
delivery.adrecover.com
dis.criteo.com
dps.jp.cinarra.com
dsp.nrich.ai
dsum-sec.casalemedia.com
e2dd83f92ede647e34b862d5f3015f49.safeframe.googlesyndication.com
e3.adpushup.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gocm.c.appier.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s2.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.ad-stir.com
sync.aralego.com
sync.crwdcntrl.net
sync.fout.jp
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.adform.net
image8.pubmatic.com
sync.go.sonobi.com
103.229.10.247
103.229.205.243
103.231.98.194
103.231.98.197
104.16.85.20
104.17.25.14
104.18.102.194
104.18.24.173
104.18.33.19
104.18.36.94
104.254.151.36
104.254.151.69
104.26.5.103
104.83.196.24
104.83.197.63
107.178.244.193
107.178.254.65
119.9.108.191
124.146.215.50
13.107.21.200
13.107.42.14
13.114.67.130
13.115.132.235
13.33.33.127
13.33.88.32
13.33.88.48
13.76.45.37
139.162.58.205
139.5.84.243
142.250.4.97
142.251.10.139
142.251.10.156
142.251.12.155
142.251.12.157
145.40.88.5
150.136.25.38
151.101.1.108
151.101.130.49
152.199.39.108
162.19.138.83
172.217.194.101
172.217.194.147
172.253.118.100
172.253.118.132
172.64.154.237
172.67.72.16
18.136.159.66
18.138.18.111
18.139.36.230
18.155.68.41
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
182.22.31.252
184.25.248.23
184.31.5.52
185.184.8.90
185.84.60.23
185.84.60.57
195.5.165.20
198.8.71.131
20.127.253.7
202.131.200.84
202.232.238.37
202.233.84.1
209.191.163.208
209.191.163.209
209.58.171.197
23.106.127.38
23.106.127.52
23.106.127.53
23.108.101.160
23.44.0.196
23.73.13.201
23.73.13.34
3.1.14.27
3.126.154.37
3.92.104.91
31.220.27.135
34.102.253.54
34.107.148.139
34.200.120.154
34.83.125.63
34.98.64.218
34.98.67.3
35.172.92.2
35.186.193.173
35.190.60.146
35.213.117.18
35.213.12.39
35.213.93.179
35.214.223.115
35.227.202.26
35.244.159.8
35.77.144.188
38.91.45.7
42.99.140.144
42.99.140.170
42.99.140.200
46.137.212.121
50.116.239.135
51.68.39.188
51.79.234.101
52.183.162.69
52.198.52.64
52.223.2.229
52.223.40.198
52.32.7.184
52.46.130.91
52.74.13.196
52.95.125.22
54.151.240.183
54.199.9.21
54.237.254.37
54.238.104.137
54.238.120.71
54.254.167.239
54.255.4.206
54.75.59.39
64.120.88.131
65.8.66.24
66.225.223.191
67.199.150.81
67.199.150.85
67.199.150.86
69.16.175.10
69.173.144.139
69.173.151.100
69.173.158.64
69.173.158.65
70.42.32.127
74.118.186.44
74.125.130.155
74.125.200.155
74.125.24.132
74.125.24.155
74.125.24.94
74.125.24.95
74.125.68.156
74.125.68.94
74.214.196.131
84.17.37.44
87.250.250.90
89.207.22.108
0025aa08addc9008f9be153b8ed1569e0c74eb55b9d28e865d3a7be7c837a618
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
024641dad2df6d9972c954d4cc90a62b8b41ef0678a5ec243096ecdb5ed47f70
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
0393b569a5017b539700e1ffc461021ddf1cd87fb20453c39c42c246625fdc08
04d5cb4a5d092402cc0bc9b999c4cbfc01d1fd895bcfdfc36747668ab967a1c0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06c6d940b5267ccc8c4502c2a9d4c4ac82e68bc7c9e7519b0e2fcaa973c339d2
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19b079c04b65c654a9d41165e57e8d55216331ce8008edd25958e383a30f2160
1b847bd9136c5d6ec835ff06b01c3ffa1c64ca8cdfed5af31db6118082055d78
1bd5b76c27f14dcf178807f6a204ab8b42e21cb46f736d6b4b07ffad2f2d8b4b
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1f87ba80d5116f9c61731ecf915a813d8d29cf03c48d3ffea68360fc372a02ce
1f9589bc9008fdf8ecef5ed384fd2288ded96290a3e85ba340dc41354565f03c
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00
27b7c48c85913ebde0737def5188024fc06ed84a84f11e37c5f90c123b02088a
29685361313686d0c22606aa8b69480617206cc3c84b4bdc77cb3376773b9c61
2ac39c403e5813da1d9513b8b139667c4550c7cb82db4ebf3c9b4f0745f96f7f
2cca407391ab15efb011c3f537055f380b288270d071e54e057d908e39350223
2dbe7465dd73540a103dc46209e8fd40dc8e2887d4d333c121c3dae4fd5e6afe
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ac8767cea18f1e30a3802d1b14b2a416023ad85e042ece628494b8c077e8dc
321e39ddeed6917973425fc21189e51b459379ec61eab959a3858a4215a7a839
326876f5fc6840b5cedf84df6c1f4731c1c90341ebf7556e6e1f2f1ec3c24a32
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34f4914936c44fb25997c33a6ba9a1c0ba0566b2c0178da9245228e4c91e3194
363b7808e7bcdb212b6c9c0d08d31ef22a2128168459bcbc9e3e834a2214e7ae
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
398b6ad3f27000beaa3dc741a62da981e585b46f9bb3f0c9de11cf08c7f9e30d
3d2a95f8eb067d178bb65e3879342dae9e84446893ba2456efa761f5a9f50c54
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41112c6a967d8bd529244b94e0c117b2ae2827c419261826bb8ac5b590466945
430f033ca0fe86a158a657438d6cb42f04131f8e1022b67507da59508b7b986b
44c9bf74943ff5bd8bb37d5a2580e9430b7ecb859141dabb2ab68743e4188ad7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4700d29fdf505171824ab0d136e7ce6bce2b2a3030e4f5a00f7a8a72ff5182d7
48868011bf0a674e15944b6033d8deb29e6a70267034217a4b573d0be2d267ee
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a746e5276bb6c3e0bf2424475296a2c429a7c34e5716a8466b008cb5ba01c4c
4ce9ae52814b6857b6def6fb94871c5d86fb2eff613c24c38b75775445a9e0e1
4d064df1cb00507064fb069972ed2e7a6dc7d9bba61ec76708b84c06bf74a569
4de80c8730c0a0e08bc85a916ba0b42c755bf5f9c23987335b202af765d66f20
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e134faa7cf31404fe664a49ad6fc802852bd7e2867543dda94d20cba1ca8fce
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50806093f98917a990e7c84ed862ca8054a4b88915734cebfc15b3d5fe3fa598
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6
53f72a1d76b38ce7950eacb206c4c4f8eb62b0582db3eba0d46685cbd56a2e9c
5443370aacb2127522f8e0c6333cad01c906bbcd510dbd352216e39bf52456e8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5e2df8262e92950212e7f76e7723d7d0208fe500a4ac49b75492b4b56f4c9c59
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63000f1d5ddcd10ff7812cf6f2eee53820014c23995b5c2b62919fb0ce6e0a50
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bea380818c86e33533ac6374891866e96adb5add81d4f359c5da93aabf0d3c2
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
748126b5aa983ea6de48c1f3946cbd7f578363fdea7a42a944a69d629db41ddd
75421959fd0e01aace5426f5cc5b434a990f84f23d4b18d764392016f25cc101
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
79e3ea3976fa9edbe81670b235f4894978187f61f62a80118a26b5d43fc76e23
7a54aa12755205f52b15f5b7ab0dac976d3d24815ac15199cb6b63dbe542d90a
7ad04b2badabcf30f85b8ebd363e3a90be5af777d8b9b641f4f333cd95e14218
7cd8920c6b82e590e69f6a5a7f8366f97f761ff15498a0a88976c4cef996a367
7ec70108a49369dc3f73734dacf94050c28049d32fe708c968782483ae8cabda
7f01f82be3cf3c7c48628663b215e40b3620adee0f35235e8fbc0b0ae71d7d7c
7f55dc7390f19919a895b47cf00c75191a09028630323329d5cc40a968a8dbdb
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
86252d45b94f2714a04c68eda19f9c327c1730ca8595c66740ab0beece2c5b93
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b1719d28e80205c8ce4ec2285a705276ff3bd6c2e6ba01ecb73d0a4f77b94a9
8c6af3eda3fb057943991e6f4cb4b09706f6fc422de9f6fd6130347e4446493e
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f504be511c4e8c8048a00a4ab5892b940c2d32cc29a063dabd3b4a859c0dd20
903cbdd1e7ac7fe874f0c2989b1f84c59969b89029038616f8e3e26784598b20
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9148f395243f1778ab36d814fa625b42431d0689160f1305e45fd74642cd598a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
96f248a758d0719d8cebb6194ed0a88e8c7aa0355acf267b15acbe6cf4a65281
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0fde8a39f06a9ab2072dbb9729f06a8e3ab8ea6aa1113b4f4dc4d17d9391df
9cd5a393df4f0201d8439ac2170ee7d9a4672ac5737131a78ebf0b541f6a28d5
9d1f4186901a9a5293204646b9c1748b495e3e4dc4b13dfe89b1cbceaf442e49
a036083ef5b76036f2ecefb872fd42be50f3bfa51848fbb13c12d5a83f810276
a03b6995702abfb4d5daaac6afa1c699b58c3e15cd0b07d951e05aafe5063e9c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1073d2acb61c2fba86a55ec8ddc9c5f784296a6bd31d7d90904fa004df2c06d
a12f64cad3e3b6dbad5d094c5ec316e18b64cbab9b4a1481e46d0afe4d707110
a28ac4d4339e2f6134a8fe3deb1e48c52775739e671a904d10f6238667449547
a2a756cf5911a35290f13783316b5916d1df393cda5fe005a3f5b408e3997906
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a713781b13903ac6cd38d181349370a1c3bb822fdf78b11f44c5245550ae9e37
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a764d8fa0542053f90b23883eebaed46ce92833ad3d74c86f9b570f55aca0801
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a92db6dd3e5d507d15e34d178943ade193b93d96100adde7b8d6bd70b92a1b4a
a95822f1c1371dc03a934df5f495fc124a15b9439a94eb474dd0ee21a8e156ee
acbd967b013195d0a2c5f8ce38feb0c925bb330d8a684ee902c6b063e8ee0897
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
ae7bcac8580f3e937c28e786c947aea636a5ebe3e7b6f57c06410cb5cb1ad057
aee4e76db6bf16ef539fb860a248be6ff869cdd93a68857ea0e9234bf443b372
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2
b45877f190f4c596fa5b3906a34e9413a2f50a36fdc470bda9d3376c1ef73bb1
b847d28ccf464711494965c769e73a17ebb04fc32dc28b4a60ec8dcd103541a5
ba48da77676fb0fc521977986cf9d5186f7698b08214348cfae440981cbc5f01
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbbafeba5415c90e50e90b12cd5d90bb75a6735ab46f97457d1f67e214f2fe97
bceaaa8df473b26f22fda4afc2bc638fbcd6d3b157450a859910dd70fb9d92ca
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22d480d89accbfcdff49d03e40f8642b1f1e867492cfd13604e3cc11df78b56
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd0a2be6c757326ca21d44bba498265cb843048e7bce420ae65bd54c9f339ef
d48d978cae70de03658a8bb9a208bc7eb905b09eae9bf8efb40a0d5afbf0f238
d7d1fde491a699f603f55fe3944e3081330387f8cadc6ed7490ae23ab135cdf3
dd44ce753222e21a3a233b56923b209aeb2443a7625cf468300bd1e5ef083618
ddce71f85a370bf2976e7a5ea345b6751d383505bcb0d6aa4284481eda5cc6be
df466acf0d08569d751ea4784c2716b0e106b5623f80ba3930e64b5a7650900e
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e30a2970aea56ba873dc88426b8aa97a97eae9e6c404bfce7452cc9a9f4e6fa1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e940c26d8c38594e38187b2432ee96e6ab0d6849f539d46ecd5dd79d0e8fe605
ea3fbc7b348cac9981f19ca7cbed06ef85af77ca276551b5e074dbe88c7f3285
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ec22911331ba5ee00be954ff32ba3ce5e13cc3b9f3741cbd8447e3866aeab1e9
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee82ae7fc3b6c087f1dc0488c4787f87460d60caff37b544cc3f4001361ef717
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05d9a32665adfa9a3d01d6b6bfa4550b5444578f7408503a44944d435cfc736
f1324e2bffed7c9652b2d6324d3df72202b5958b725684919ded1fb07706c470
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5da9e3278a823a9d1b068c25e70c72b97f71f3d5b919793abf38422c6425490
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f85b221e07f505ecdb564fb4e0311d534bb10fd16b26a4d6af26ca077cca6f40
f8c6274be8ab5d7dafd695c4683723ea43bc60fa25fa75d6834b4aabadc0cb2e
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
fa25c073d50c2e8ec00a208ee08913ab77a71f07df3fed33833c0957754dfda2
fb7162b5f392bb1ce91069a283086a5106c0b6d9758a1800fd68ec0f05d96f42
fb793fe449b3e028c3ce7965fa9bddfaf1259150f8a60e0dfb0ff7782419f49e
fbb99341176b3438238014d8216f0dfac9e5ffe51417f93ade3f2742a9905324
fc392e66c8480302b8b139922da3d69c5bc65f057b101bc1ba0737a0fdf650fd
fd8faa81ca468e4d96953f770ad08ec2356b6a429935b647de2e09cc554532ce
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e