urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Submission: On December 12 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 9 countries across 87 domains to perform 472 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 93127.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 74.125.24.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
6 172.67.71.254 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
15 172.67.72.16 13335 (CLOUDFLAR...)
30 74.125.24.155 15169 (GOOGLE)
3 64.120.88.131 133752 (LEASEWEB-...)
2 69.16.175.42 20446 (STACKPATH...)
13 74.125.68.157 15169 (GOOGLE)
2 74.125.24.97 15169 (GOOGLE)
2 142.250.4.102 15169 (GOOGLE)
6 142.250.4.156 15169 (GOOGLE)
1 74.125.200.94 15169 (GOOGLE)
2 142.251.12.154 15169 (GOOGLE)
4 172.217.194.154 15169 (GOOGLE)
4 74.125.24.156 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
3 182.161.74.19 55569 (CRITEO-AS...)
3 182.161.73.148 55569 (CRITEO-AS...)
25 142.250.4.132 15169 (GOOGLE)
5 142.251.12.157 15169 (GOOGLE)
30 182.161.73.129 55569 (CRITEO-AS...)
3 182.161.73.132 55569 (CRITEO-AS...)
2 104.17.24.14 13335 (CLOUDFLAR...)
2 5 103.229.10.211 16509 (AMAZON-02)
31 182.161.73.135 55569 (CRITEO-AS...)
5 182.161.73.142 55569 (CRITEO-AS...)
1 104.16.88.20 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
1 34.107.148.139 396982 (GOOGLE-CL...)
8 34.98.64.218 396982 (GOOGLE-CL...)
8 11 104.254.151.68 29990 (ASN-APPNEX)
1 35.213.117.18 15169 (GOOGLE)
1 35.82.246.6 16509 (AMAZON-02)
3 54.178.188.214 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 2 145.40.88.5 54825 (PACKET)
2 8 172.64.154.237 13335 (CLOUDFLAR...)
1 52.221.131.47 16509 (AMAZON-02)
1 23.58.141.50 16625 (AKAMAI-AS)
4 19 139.99.49.250 16276 (OVH)
11 52.30.129.185 16509 (AMAZON-02)
1 13.33.33.43 16509 (AMAZON-02)
7 142.250.4.106 15169 (GOOGLE)
3 23.108.101.160 59253 (LEASEWEB-...)
3 7 185.84.60.30 198622 (ADFORM)
1 151.101.2.132 54113 (FASTLY)
1 1 172.104.45.159 63949 (LINODE-AP...)
10 36 74.125.200.156 15169 (GOOGLE)
1 1 31.220.27.155 39572 (ADVANCEDH...)
2 3 67.199.150.81 62713 (AS-PUBMATIC)
1 1 18.176.78.48 16509 (AMAZON-02)
4 4 202.241.208.57 4694 (IDCF IDC ...)
1 1 52.45.175.185 14618 (AMAZON-AES)
1 184.51.241.105 16625 (AKAMAI-AS)
1 199.232.46.132 54113 (FASTLY)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 2 34.142.175.23 396982 (GOOGLE-CL...)
1 124.146.215.4 2514 (INFOSPHER...)
4 7 13.213.162.168 16509 (AMAZON-02)
1 1 52.221.146.18 16509 (AMAZON-02)
1 2 96.17.188.24 16625 (AKAMAI-AS)
2 3 213.180.204.90 13238 (YANDEX)
5 185.84.60.56 198622 (ADFORM)
3 182.161.73.136 55569 (CRITEO-AS...)
10 11 35.71.131.137 16509 (AMAZON-02)
8 23.75.85.227 16625 (AKAMAI-AS)
1 52.84.45.81 16509 (AMAZON-02)
9 23.58.140.24 16625 (AKAMAI-AS)
3 9 52.223.2.229 16509 (AMAZON-02)
1 172.64.151.162 13335 (CLOUDFLAR...)
1 151.101.129.108 54113 (FASTLY)
2 2 50.116.239.135 ()
2 4 35.244.159.8 15169 (GOOGLE)
2 2 13.33.88.20 16509 (AMAZON-02)
7 7 103.229.205.243 30419 (MEDIAMATH...)
1 2 69.173.144.138 ()
5 10 69.173.158.64 ()
1 2 23.106.127.38 ()
2 3 35.190.60.146 15169 (GOOGLE)
3 8 52.46.151.131 ()
1 67.199.150.82 ()
5 6 52.74.162.2 ()
5 6 35.213.12.39 ()
3 3 23.76.212.194 ()
2 2 198.8.71.131 ()
4 184.51.240.213 ()
2 2 18.138.91.242 ()
1 1 182.161.73.146 ()
2 3 13.107.42.14 ()
1 2 104.18.99.194 ()
1 13.107.21.200 ()
1 54.199.211.51 ()
1 23.106.127.39 ()
1 13.33.88.73 ()
2 3 209.191.163.208 ()
4 139.5.84.243 ()
1 104.18.36.94 ()
1 1 13.33.88.101 ()
1 35.213.109.249 ()
1 1 13.229.2.58 ()
4 4 151.101.194.49 ()
1 3.1.184.194 ()
6 54.238.120.71 ()
1 54.164.66.85 ()
2 67.199.150.86 ()
1 103.231.98.194 ()
2 67.199.150.85 ()
1 42.99.140.26 ()
1 74.125.200.95 ()
472 98
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
20789ff2abd6e4806ce45b4b74e8b227.safeframe.googlesyndication.com
a1523b9141f52da5d1aef5796faae0a9.safeframe.googlesyndication.com
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
6    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
15    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
30    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
13    74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net
securepubads.g.doubleclick.net
2    74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net
www.googletagmanager.com
2    142.250.4.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f102.1e100.net
www.google-analytics.com
6    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
adservice.google.com
1    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
d-1273038416797963012.ampproject.net
2    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
partner.googleadservices.com
4    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
adservice.google.co.nz
4    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
googleads.g.doubleclick.net
adservice.google.co.nz
7    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
3    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
25    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
tpc.googlesyndication.com
5    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
www.googletagservices.com
30    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
31    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
5    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
11    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    35.82.246.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-246-6.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
3    54.178.188.214 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-188-214.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
8    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    52.221.131.47 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-131-47.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    23.58.141.50 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-141-50.deploy.static.akamaitechnologies.com
a.teads.tv
19    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
11    52.30.129.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    13.33.33.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-43.sin2.r.cloudfront.net
rules.quantcount.com
7    142.250.4.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f106.1e100.net
www.google.com
3    23.108.101.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
b1-sindc1.zemanta.com
b1t-sindc1.zemanta.com
7    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
asia.adform.net
c1.adform.net
1    151.101.2.132 (United States)

ASN54113 (FASTLY, US)
widgets.zemanta.com
1    172.104.45.159 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1625-159.members.linode.com
a.c.appier.net
36    74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net
cm.g.doubleclick.net
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
3    67.199.150.81 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    18.176.78.48 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-78-48.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
4    202.241.208.57 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
1    184.51.241.105 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-241-105.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    199.232.46.132 (Singapore, Singapore)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    34.142.175.23 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com
um.simpli.fi
1    124.146.215.4 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
gdn.socdm.com
7    13.213.162.168 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-162-168.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    52.221.146.18 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-146-18.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
2    96.17.188.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-188-24.deploy.static.akamaitechnologies.com
cs.media.net
3    213.180.204.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
5    185.84.60.56 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
11    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
8    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    52.84.45.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-81.mrs52.r.cloudfront.net
public.servenobid.com
9    23.58.140.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-140-24.deploy.static.akamaitechnologies.com
contextual.media.net
9    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    50.116.239.135 (None, )

ASN- ()
ad.turn.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
jp-u.openx.net
2    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-p3.ladsp.com
7    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    69.173.144.138 (None, )

ASN- ()
pixel-eu.rubiconproject.com
10    69.173.158.64 (None, )

ASN- ()
pixel.rubiconproject.com
token.rubiconproject.com
2    23.106.127.38 (None, )

ASN- ()
ssbsync-global.smartadserver.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
8    52.46.151.131 (None, )

ASN- ()
s.amazon-adsystem.com
1    67.199.150.82 (None, )

ASN- ()
image8.pubmatic.com
6    52.74.162.2 (None, )

ASN- ()
ups.analytics.yahoo.com
6    35.213.12.39 (None, )

ASN- ()
x.bidswitch.net
3    23.76.212.194 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    198.8.71.131 (None, )

ASN- ()
p.rfihub.com
4    184.51.240.213 (None, )

ASN- ()
ads.pubmatic.com
2    18.138.91.242 (None, )

ASN- ()
pm.w55c.net
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
3    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
2    104.18.99.194 (None, )

ASN- ()
p.adsymptotic.com
1    13.107.21.200 (None, )

ASN- ()
c.bing.com
1    54.199.211.51 (None, )

ASN- ()
g2.gumgum.com
1    23.106.127.39 (None, )

ASN- ()
ssbsync.smartadserver.com
1    13.33.88.73 (None, )

ASN- ()
cs-rtb.minutemedia-prebid.com
3    209.191.163.208 (None, )

ASN- ()
ap.lijit.com
4    139.5.84.243 (None, )

ASN- ()
dsum-sec.casalemedia.com
1    104.18.36.94 (None, )

ASN- ()
cdn.indexww.com
1    13.33.88.101 (None, )

ASN- ()
s.ad.smaato.net
1    35.213.109.249 (None, )

ASN- ()
y.one.impact-ad.jp
1    13.229.2.58 (None, )

ASN- ()
match.sharethrough.com
4    151.101.194.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    3.1.184.194 (None, )

ASN- ()
d.adroll.com
6    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
1    54.164.66.85 (None, )

ASN- ()
cs.emxdgt.com
2    67.199.150.86 (None, )

ASN- ()
simage2.pubmatic.com
1    103.231.98.194 (None, )

ASN- ()
image2.pubmatic.com
2    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
1    42.99.140.26 (None, )

ASN- ()
code.createjs.com
1    74.125.200.95 (None, )

ASN- ()
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
66 criteo.net
static.criteo.net — Cisco Umbrella Rank: 662
pix.as.criteo.net — Cisco Umbrella Rank: 14332
csm.as.criteo.net — Cisco Umbrella Rank: 13902
781 KB
59 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
20789ff2abd6e4806ce45b4b74e8b227.safeframe.googlesyndication.com
a1523b9141f52da5d1aef5796faae0a9.safeframe.googlesyndication.com
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
540 KB
54 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
515 KB
27 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 885
fastlane.rubiconproject.com — Cisco Umbrella Rank: 451
eus.rubiconproject.com — Cisco Umbrella Rank: 547
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com Failed
53 KB
19 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 727
9 KB
16 bg3.co
www.bg3.co — Cisco Umbrella Rank: 93127
static.bg3.co
15 KB
14 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 17481
ads.as.criteo.com — Cisco Umbrella Rank: 13683
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 14299
bidder.criteo.com — Cisco Umbrella Rank: 734
gum.criteo.com — Cisco Umbrella Rank: 399
dis.criteo.com
160 KB
13 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418
ups.analytics.yahoo.com
6 KB
13 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 680
image8.pubmatic.com
ads.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
36 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
4 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15653
e3.adpushup.com — Cisco Umbrella Rank: 17140
campaign.adpushup.com — Cisco Umbrella Rank: 29138
235 KB
12 adform.net
asia.adform.net — Cisco Umbrella Rank: 43847
c1.adform.net — Cisco Umbrella Rank: 639
s2.adform.net — Cisco Umbrella Rank: 5749
101 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1589
public.servenobid.com — Cisco Umbrella Rank: 3212
8 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413
dsum-sec.casalemedia.com
dsum.casalemedia.com
10 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
acdn.adnxs.com — Cisco Umbrella Rank: 579
27 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13981
u.openx.net — Cisco Umbrella Rank: 667
us-u.openx.net — Cisco Umbrella Rank: 395
jp-u.openx.net — Cisco Umbrella Rank: 9869
3 KB
12 media.net
prebid.media.net — Cisco Umbrella Rank: 1130
cs.media.net — Cisco Umbrella Rank: 1345
contextual.media.net — Cisco Umbrella Rank: 553
18 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
6 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 501
eb2.3lift.com — Cisco Umbrella Rank: 350
5 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 388
218 KB
8 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
5 KB
7 gumgum.com
g2.gumgum.com
usersync.gumgum.com Failed
3 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 447
4 KB
7 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 853
x.bidswitch.net
4 KB
6 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 10668
55 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27461
sync.aralego.com — Cisco Umbrella Rank: 3093
4 KB
5 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 917
gdn.socdm.com — Cisco Umbrella Rank: 69828
5 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 915
pixel.quantserve.com — Cisco Umbrella Rank: 655
cms.quantserve.com
12 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
234 KB
5 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 135022
1 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 zemanta.com
b1-sindc1.zemanta.com — Cisco Umbrella Rank: 44603
widgets.zemanta.com — Cisco Umbrella Rank: 9318
b1t-sindc1.zemanta.com — Cisco Umbrella Rank: 31520
5 KB
3 lijit.com
ap.lijit.com
1 KB
3 linkedin.com
px.ads.linkedin.com
1 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 536
512 B
3 smartadserver.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com Failed
1 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3995
1022 B
2 adsymptotic.com
p.adsymptotic.com
501 B
2 w55c.net
pm.w55c.net
2 KB
2 rfihub.com
p.rfihub.com
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 24864
1 KB
2 turn.com
ad.turn.com
866 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
cdn.indexww.com
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 810
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 795
s.tribalfusion.com — Cisco Umbrella Rank: 1875
1 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 858
790 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
10 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 840
1007 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
502 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 687
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16632
10 KB
1 googleapis.com
fonts.googleapis.com
1 KB
1 createjs.com
code.createjs.com
1 emxdgt.com
cs.emxdgt.com
67 B
1 adroll.com
d.adroll.com
181 B
1 sharethrough.com
match.sharethrough.com
355 B
1 impact-ad.jp
y.one.impact-ad.jp
218 B
1 smaato.net
s.ad.smaato.net
672 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com
719 B
1 bing.com
c.bing.com
666 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 646
514 B
1 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 2632
8 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1381
sync.outbrain.com Failed
3 KB
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 15284
561 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 27146
555 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 12019
323 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 15612
590 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 851
633 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1403
502 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3654
518 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 396
2 KB
1 ampproject.net
d-1273038416797963012.ampproject.net
0 audrte.com Failed
a.audrte.com Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 admedo.com Failed
pool.admedo.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
472 87
Domain Requested by
36 cm.g.doubleclick.net 10 redirects a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
u.openx.net
onetag-sys.com
eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
31 pix.as.criteo.net ads.as.criteo.com
30 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
www.bg3.co
28 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
www.googletagservices.com
25 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
19 onetag-sys.com 4 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
15 static.bg3.co www.bg3.co
13 securepubads.g.doubleclick.net cdn.aralego.net
cdn.adpushup.com
securepubads.g.doubleclick.net
www.bg3.co
11 match.adsrvr.org 10 redirects cdn.adpushup.com
11 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
g2.gumgum.com
ads.pubmatic.com
cs-rtb.minutemedia-prebid.com
ssbsync.smartadserver.com
11 ib.adnxs.com 8 redirects cdn.adpushup.com
acdn.adnxs.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
9 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
8 s.amazon-adsystem.com 3 redirects onetag-sys.com
eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
8 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
7 sync.mathtag.com 7 redirects
7 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
7 www.google.com tpc.googlesyndication.com
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
7 e3.adpushup.com www.bg3.co
6 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
6 x.bidswitch.net 5 redirects onetag-sys.com
ads.pubmatic.com
6 ups.analytics.yahoo.com 5 redirects onetag-sys.com
6 pixel.rubiconproject.com 1 redirects onetag-sys.com
www.bg3.co
6 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 cdn.aralego.net www.bg3.co
ads.aralego.com
cdn.aralego.net
5 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
5 us-u.openx.net 2 redirects u.openx.net
5 s2.adform.net asia.adform.net
s2.adform.net
www.bg3.co
5 csm.as.criteo.net ads.as.criteo.com
5 www.googletagservices.com googleads.g.doubleclick.net
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
5 adservice.google.co.nz pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync-tm.everesttech.net 4 redirects
4 dsum-sec.casalemedia.com ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 tg.socdm.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
3 cms.quantserve.com 2 redirects a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
3 ap.lijit.com 2 redirects public.servenobid.com
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 secure-assets.rubiconproject.com 3 redirects
3 id.rlcdn.com 2 redirects onetag-sys.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 an.yandex.ru 2 redirects www.bg3.co
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 asia.adform.net a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
s2.adform.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 ads.as.criteo.com googleads.g.doubleclick.net
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
3 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 image4.pubmatic.com ads.pubmatic.com
2 simage2.pubmatic.com ads.pubmatic.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 pm.w55c.net 2 redirects
2 p.rfihub.com 2 redirects
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 ad.turn.com 2 redirects
2 cs.media.net 1 redirects contextual.media.net
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 b1-sindc1.zemanta.com www.bg3.co
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
2 cdnjs.cloudflare.com ads.as.criteo.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 fonts.googleapis.com s2.adform.net
1 code.createjs.com s2.adform.net
1 image2.pubmatic.com ads.pubmatic.com
1 cs.emxdgt.com g2.gumgum.com
1 d.adroll.com ssum-sec.casalemedia.com
1 match.sharethrough.com 1 redirects
1 y.one.impact-ad.jp a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
1 s.ad.smaato.net 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 dis.criteo.com 1 redirects
1 image8.pubmatic.com onetag-sys.com
ads.pubmatic.com
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 ads.yieldmo.com 1 redirects
1 gdn.socdm.com a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
1 s.tribalfusion.com a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 zem.outbrainimg.com a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
1 widgets.outbrain.com a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
1 b1t-sindc1.zemanta.com a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
1 im.bluevoox.com 1 redirects
1 ds.uncn.jp 1 redirects
1 s.uuidksinc.net 1 redirects
1 a.c.appier.net 1 redirects
1 widgets.zemanta.com a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
1 pixel.quantserve.com www.bg3.co
1 a1523b9141f52da5d1aef5796faae0a9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 20789ff2abd6e4806ce45b4b74e8b227.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 campaign.adpushup.com www.bg3.co
1 d-1273038416797963012.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 a.audrte.com Failed ssbsync.smartadserver.com
0 rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com
0 creativecdn.com Failed g2.gumgum.com
0 id5-sync.com Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
0 match.deepintent.com Failed g2.gumgum.com
0 sync.technoratimedia.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 sync.srv.stackadapt.com Failed g2.gumgum.com
0 pool.admedo.com Failed g2.gumgum.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 pixel.tapad.com Failed eb2.3lift.com
0 rtb.mfadsrvr.com Failed contextual.media.net
0 stags.bluekai.com Failed contextual.media.net
ssum-sec.casalemedia.com
g2.gumgum.com
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
g2.gumgum.com
472 144

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
cdn.adpushup.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.outbrainimg.com
R3		 2022-12-03 -
2023-03-03		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh

This page contains 65 frames:

Primary Page: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Frame ID: 9C5FC9FCB5379A099E1C599C6B891FA8
Requests: 91 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 48F3E70FB7B47BEA1F29B0471223B911
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 2BB07909153056B3B9B8F51EDFD9CCC6
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 6B19E4D961BFE1C77D59810BD5F9E595
Requests: 10 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 21B238EC16785836823272A67C142D38
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296432&bpp=18&bdt=2046&idt=1387&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=2&ga_vid=596370892.1670855298&ga_sid=1670855298&ga_hid=744263272&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1828&biw=1600&bih=1200&isw=336&ish=280&ifk=2011414921&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071113%2C31071267&oid=2&pvsid=1346008572914845&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vc5dpnc3umc0&btvi=1&fsb=1&dtd=1406
Frame ID: F97AF2A5303D739DC95D1B00552037F4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296329&bpp=16&bdt=1964&idt=1528&shv=r20221206&mjsv=m202212070101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=1&ga_vid=1757765834.1670855298&ga_sid=1670855298&ga_hid=1653522079&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2379225532&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44779793%2C31071267&oid=2&pvsid=3172550417314986&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ao631gx25ckg&fsb=1&dtd=1547
Frame ID: D3565272BF8F202013888840724C6F41
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-29616180041933787486&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2982&oid=2&is_amp=5&amp_v=2211250451000&d_imp=1&c=869007644&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&ga_hid=7644&dt=1670855297656&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&bdt=4861&dtd=691&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 45AFCB523D9D73997D2839127F4AF687
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 7F5A79E163CFA89AF0AF7D0C25EBCA0C
Requests: 23 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: EB979758B53B1510CBD761B54CAA4394
Requests: 28 HTTP requests in this frame

Frame: https://20789ff2abd6e4806ce45b4b74e8b227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F3252530E9630FF23B0A9580218FF995
Requests: 1 HTTP requests in this frame

Frame: https://a1523b9141f52da5d1aef5796faae0a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F55947FCDD18E3E0D00291938EB43FAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4243EC88087AC2E7B0E9355D24D37E1B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4350823A04401DC7BE851A49EC93AFA3
Requests: 2 HTTP requests in this frame

Frame: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 28981903B83034FCBFC592AE2370653A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A4D8F31FBF107D12CD17D2C400FBD2AE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8891AEDA27160EF2C40A77D2ADE34F0
Requests: 2 HTTP requests in this frame

Frame: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 822750FFEF7A769AFA18DA4657D475EA
Requests: 15 HTTP requests in this frame

Frame: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9523AE5FF044C18BFE10306B328A8005
Requests: 14 HTTP requests in this frame

Frame: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 224274247E3832B55013F01721FB09BC
Requests: 10 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 8230CBA501AFCAD534F8B08E4DAB2A88
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 84AC6CCAC715E7B036F253305CC4CE77
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 393CFD4C7CFA5F0C9063027EA7DDD2F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9F2E1940759069D98DC63CB2424FD40
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CD1F4CA658BEF36E92BAEC80B002CA2B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1EB51F90C6A43F35B3C35F506067A1FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2B8236894527529DA06476459144FF60
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F7B6EA0A6E1A7E608F97C568F37FCAC0
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 5A8B22E65D0CF0A2A6A3CA24A2E888B3
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5B4B500381E13FD4C595A94E6D84318B
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 53FF4489F3679DDE723CDC0976A62F29
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: C8592B44485A96F496D2F65F0D96154D
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 91784A8F4EB39ABFCA0C7B0EE224DE8B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 91A0F158F2F1CB1CAEC565A27FF57015
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670855302152
Frame ID: 5C1A83F50DA2C6E457986F112F307E57
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 214175C61171855C896C8EB9B7FBA06D
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 52791296E5CD2EE7A207E085D9AEE22B
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3138569057445573000V10&type=rkt&refUrl=&vid=08553060333138569057445573000V10&ovsid=1972084068249698936
Frame ID: 9046B829752A2CE43EF588CB2D5BF31E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dpba%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3DPM_UID
Frame ID: 6FB801C04B5ABA18A565BF86FACB673E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3B66931CAFBEB3AF8145A5B3B1073A6B
Requests: 9 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 745CEAE8E8F8890339D1ED2A00D6D1D7
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 2764D67BBD185576876433EDC89F9C51
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 640F21F2F6C52D6AC7978E76513B12CD
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 1BD845191E2736FD57E993F15E35C71E
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 235D35B224F7E6F9688B2CE77311C2D4
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 674E4F056B671DB74020F99E17820DE6
Requests: 11 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: F34813DD7AFB406B148073334ED9851C
Requests: 2 HTTP requests in this frame

Frame: https://s2.adform.net/Banners/Elements/Files/2111416/11240094/11240094.js?ADFassetID=11240094&bv=513
Frame ID: AEFD9CF179ED203E694DFCF231301BE1
Requests: 5 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: 87DAF809BD44F9D0CBEE8535FE2457EF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 2D137C71C1E85B227F9A75C4901607B9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=a8f77359-9db5-4714-9b79-a4238e9812fb
Frame ID: 0429989F407877F2A623B0D836A89F0F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
Frame ID: 68EE4E1D7C3DED83599E9A611CD3B441
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y5c6iwAADtGUAQAe&gdpr=0&gdpr_consent=&_test=Y5c6iwAADtGUAQAe
Frame ID: DD1C18ABA261496F3390962AFE8D1618
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9kOTZhMTNhMy0xYTFlLTQ3NTItYWE0MC0xZDdjYmU1ZDQxMzI=&gdpr=0&gdpr_consent=
Frame ID: CDB0773B63F640D050D270C9D9A5AF55
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 22AF67C7A39F4D020B153C1B29CAE68F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y5c6iMCo5s8AADVtRYEAAAAA
Frame ID: DE4CA15A98EE272E0DA1B5239C158F08
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y5c6ivAg.JGYThEBey1VrwAA%265337
Frame ID: 7A3032D0E8C27D56114DEE27977D59C9
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
Frame ID: 89E8E63FB341D4424A19F9D3126A4399
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 33DBAE536815223425C56E2D3029B514
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=66FC608F-1C59-4390-8B86-F9C026A2BD5B&gdpr=0&gdpr_consent=
Frame ID: 5CE94B8F12041A4D67832B69B6C9D80E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
Frame ID: FF5FAE8435E660E6473EF29309C3BFD5
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Frame ID: 533AD5DEE0F23984C291EC1B05D8C98A
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Frame ID: B2EBCC96F265478A14FCDB7514CEFB46
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KoDSnS_S05wx1dmcfYbGnyzQipMx1ojJeNCjcDSk
Frame ID: 38EC812A96A33D027FC73183A4E8BFBD
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=66FC608F-1C59-4390-8B86-F9C026A2BD5B
Frame ID: A3C9C7FEF910C0236CFBDAC556289500
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

赴武漢尋疫情起源 WHO:找到重大線索了 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

472
Requests

73 %
HTTPS

0 %
IPv6

87
Domains

144
Subdomains

98
IPs

9
Countries

3217 kB
Transfer

8215 kB
Size

63
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 227
  • https://a.c.appier.net/gcm?google_gid=CAESEH4noBmwaOxX-gFUEZODSHQ&google_cver=1&google_push=ASkJ3FYshq29UIf46muCsZFQu0kIKMeqECL-BoxH2zzLKQO37QpnW52oxN2I69CwY9z2j0ahM83ZzrxNSke1mQQYW4qynX33hQ3A-GZU85kRNCxIPmb6LMtL_Bxxw9seLK0sxVqmnXgErA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SmpWMU0ybC1BQy10aHdtR2lEcVhZdw%3D%3D&google_push=ASkJ3FYshq29UIf46muCsZFQu0kIKMeqECL-BoxH2zzLKQO37QpnW52oxN2I69CwY9z2j0ahM83ZzrxNSke1mQQYW4qynX33hQ3A-GZU85kRNCxIPmb6LMtL_Bxxw9seLK0sxVqmnXgErA
Request Chain 228
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJMGzV3svcsm2xhJaT14160&c_param1=ASkJ3FbvlCqC-eN2g-8imZpmXnTeEB1XksScHownLER--4kLSGj2IMLYk_lw3GvuIHesdflPvpZHpt_QGs12FPT7EOD5pzj9mPR2re5RVioVIsbUxoDx62yAqDhJgt6h0PYcPft7zdmRLaE&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FbvlCqC-eN2g-8imZpmXnTeEB1XksScHownLER--4kLSGj2IMLYk_lw3GvuIHesdflPvpZHpt_QGs12FPT7EOD5pzj9mPR2re5RVioVIsbUxoDx62yAqDhJgt6h0PYcPft7zdmRLaE
Request Chain 229
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC_LjlQ9fU37Q0RwVM3swM0&google_cver=1&google_push=ASkJ3Fb9DmCn7hWo2MsQNogbL6ki0cW0OVID5uHCosM84WNxdH_07QPQlc4gyErcnFItgrdiuBu01yfLwSk8N-n6tlbnm_9nExOYusu8w00e473bRE9vX6rp7rN22j_c2eC6BILUiU-gWUw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC_LjlQ9fU37Q0RwVM3swM0&google_cver=1&google_push=ASkJ3Fb9DmCn7hWo2MsQNogbL6ki0cW0OVID5uHCosM84WNxdH_07QPQlc4gyErcnFItgrdiuBu01yfLwSk8N-n6tlbnm_9nExOYusu8w00e473bRE9vX6rp7rN22j_c2eC6BILUiU-gWUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ1MDI3MzkzNDc4OTQ5MDU3OQ&google_push=ASkJ3Fb9DmCn7hWo2MsQNogbL6ki0cW0OVID5uHCosM84WNxdH_07QPQlc4gyErcnFItgrdiuBu01yfLwSk8N-n6tlbnm_9nExOYusu8w00e473bRE9vX6rp7rN22j_c2eC6BILUiU-gWUw
Request Chain 230
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELJB-Tz4jO51EWyQY8sBlt0&google_cver=1&google_push=ASkJ3FYf_R-hhp4s-vcPvYD8gYp0u0Ff6cpR_IG3Y8CVZN_ZmHNy4hrLA9KT8-CfkK_C8HPI3mVXQzcAfCOzFb3ejuCbx8QEVWT_AooQ1dC8UWcm9QWw50nOy_euGl7D8eI2EeEDmIVmTDc HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELJB-Tz4jO51EWyQY8sBlt0&google_cver=1&google_push=ASkJ3FYf_R-hhp4s-vcPvYD8gYp0u0Ff6cpR_IG3Y8CVZN_ZmHNy4hrLA9KT8-CfkK_C8HPI3mVXQzcAfCOzFb3ejuCbx8QEVWT_AooQ1dC8UWcm9QWw50nOy_euGl7D8eI2EeEDmIVmTDc&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZvxgjxxZQ5CLhvnAJqK9Ww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYf_R-hhp4s-vcPvYD8gYp0u0Ff6cpR_IG3Y8CVZN_ZmHNy4hrLA9KT8-CfkK_C8HPI3mVXQzcAfCOzFb3ejuCbx8QEVWT_AooQ1dC8UWcm9QWw50nOy_euGl7D8eI2EeEDmIVmTDc
Request Chain 231
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEH4WKdNwbzmvlXM95P3ILjw&google_cver=1&google_push=ASkJ3FYV0HJLMW-2l1fcIl-sRzlOwNZrfKCND67x2ng3AKsaWEFK8I3UotYxQD39NMYgtzNqbzlE4JVtaH47QYY-lBnqpTymBBPaDDN4UBC4W_QYzlNgQ2wipEPvESPbMvkTaZTn_Y79HtM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FYV0HJLMW-2l1fcIl-sRzlOwNZrfKCND67x2ng3AKsaWEFK8I3UotYxQD39NMYgtzNqbzlE4JVtaH47QYY-lBnqpTymBBPaDDN4UBC4W_QYzlNgQ2wipEPvESPbMvkTaZTn_Y79HtM&google_hm=AT8itQpT6kPwi2BKIeSHtdI
Request Chain 232
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEOjcl9knsQX5Mbv8jG9nry4&google_cver=1&google_push=ASkJ3FZb6X40q-8dJgPg5kZ2pJyOyBCJU76tEvSTnJVB-ZzduY6qECerkH2-dkruvZsr4t-Zb_MyK_4w4ij_gTMY2jrlb6mpS9qJPSQ2rMG-qHFe1l4hAPAnQG_7MXS4V8q9zL0QpAIoO8k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZb6X40q-8dJgPg5kZ2pJyOyBCJU76tEvSTnJVB-ZzduY6qECerkH2-dkruvZsr4t-Zb_MyK_4w4ij_gTMY2jrlb6mpS9qJPSQ2rMG-qHFe1l4hAPAnQG_7MXS4V8q9zL0QpAIoO8k&google_hm=WTVjNmlNQ281czhBQURWdFJYUUFBQUFB
Request Chain 233
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEEh-58t6ctEPwDVR-s5qrr8&google_cver=1&google_push=ASkJ3FYDqGpI78rPLnZ7It3-puCFobf7GK43GpMYE1BjGFH65WuNeUnubSOWpabt6lLtQ7NagHaUtft9cNdM_YQWdxJQOcBem0Zmn177fSkqG3KYNoc0vgX03TQSE0WhlZMhPVtWrJBTP6lP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3FYDqGpI78rPLnZ7It3-puCFobf7GK43GpMYE1BjGFH65WuNeUnubSOWpabt6lLtQ7NagHaUtft9cNdM_YQWdxJQOcBem0Zmn177fSkqG3KYNoc0vgX03TQSE0WhlZMhPVtWrJBTP6lP&google_hm=QlMuMGJiOS02NmY1LTRmZDMtYmEwYg==
Request Chain 266
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKGIAZxSu1tvOBahdwQSDDw&google_cver=1&google_push=ASkJ3FaLmnmTir76tsmQKk10Jx4mBzm0sh9OS6QRXGnubVhzwx_1kJAV8veH6KfjMXX92WtYoA9OzlONc0GLlizYw9eZeFoLqmR3kzLIFngD1pXp7oHYOCJop-jh_fEXF-pgZj3cjlpvdro3KKbgJ-YzhEs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaLmnmTir76tsmQKk10Jx4mBzm0sh9OS6QRXGnubVhzwx_1kJAV8veH6KfjMXX92WtYoA9OzlONc0GLlizYw9eZeFoLqmR3kzLIFngD1pXp7oHYOCJop-jh_fEXF-pgZj3cjlpvdro3KKbgJ-YzhEs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKGIAZxSu1tvOBahdwQSDDw&google_cver=1&google_push=ASkJ3FaLmnmTir76tsmQKk10Jx4mBzm0sh9OS6QRXGnubVhzwx_1kJAV8veH6KfjMXX92WtYoA9OzlONc0GLlizYw9eZeFoLqmR3kzLIFngD1pXp7oHYOCJop-jh_fEXF-pgZj3cjlpvdro3KKbgJ-YzhEs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaLmnmTir76tsmQKk10Jx4mBzm0sh9OS6QRXGnubVhzwx_1kJAV8veH6KfjMXX92WtYoA9OzlONc0GLlizYw9eZeFoLqmR3kzLIFngD1pXp7oHYOCJop-jh_fEXF-pgZj3cjlpvdro3KKbgJ-YzhEs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 267
  • https://um.simpli.fi/gp_match?google_gid=CAESEJbRLbw8T_Ki2e2PHLmH9zI&google_cver=1&google_push=ASkJ3FZn0I7v8tlJ08nOSNx1xRGUrQNAaK5ao4q9oxYnLuvk6s0T8QW4neKz-6wTvWpJBpq8fEazOOGKLkXKN7nfBbO3QvZG-bSltPuHZ280c_D3BEcLee03dVQgXtiCW5Ad3lURWsHOfDWq9AHiNNK4X50 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8AFE4979E8142898A58F6FD1535CA71&google_push=ASkJ3FZn0I7v8tlJ08nOSNx1xRGUrQNAaK5ao4q9oxYnLuvk6s0T8QW4neKz-6wTvWpJBpq8fEazOOGKLkXKN7nfBbO3QvZG-bSltPuHZ280c_D3BEcLee03dVQgXtiCW5Ad3lURWsHOfDWq9AHiNNK4X50
Request Chain 268
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEFJjZ9VaGboLIzXYDkNNgq0&google_cver=1&google_push=ASkJ3Fb7h3PDw_1FhZn7frWiDxIQzVfImkj6Cf2PzXnvn1Bx7DIDv4pTXdbZTP0t0J6XgffX1cSNPp2l9G-ouD2oLBB-lc5RZ8IYYgALYy40GEa75CSp11J_Rrs0WbQBBVg6ylQ5cZDH6rMRmGhXubIWWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTVjNmlNQ281czhBQURWdFJZRUFBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEFJjZ9VaGboLIzXYDkNNgq0&google_cver=1
Request Chain 269
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENTZGWdNMY1dD2c0ogZ1CP8&google_cver=1&google_push=ASkJ3Fbdqa4jp4Li1WeD8CUtP83hrN4fGE9CdkVUcd_4Y-MVZ_0RYLNzMjJo3PHetuzWgTfpxwqNUC6TChmTNHVv56b5Ehl_zFOMzRdMpJ3ByPxc_GSkDh3DAkvb-r0cgR1GinC7ENcmHI4anv2bKARymjE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbdqa4jp4Li1WeD8CUtP83hrN4fGE9CdkVUcd_4Y-MVZ_0RYLNzMjJo3PHetuzWgTfpxwqNUC6TChmTNHVv56b5Ehl_zFOMzRdMpJ3ByPxc_GSkDh3DAkvb-r0cgR1GinC7ENcmHI4anv2bKARymjE&google_hm=eS1DZUhCZW9kRTJwRks2UlhDSlNnZzROcjRGdmw2M3psTn5B
Request Chain 270
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEAyy2JZnfytrxoyGnNIOc7k&google_cver=1&google_push=ASkJ3FY8_fEcywG0wNjVTu5XxQskRv9J-v4cyX-64DCPwMNFklQK6LHBMTktf22TlOqrh_8hPe_ZS3tVPK2VE4nbKuvlFAQi8IJ1SxncGz8myVbye48RlYhZ-u5MXHX7MdL8ICxo5SGwn5-PX4RTnAe_U08 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FY8_fEcywG0wNjVTu5XxQskRv9J-v4cyX-64DCPwMNFklQK6LHBMTktf22TlOqrh_8hPe_ZS3tVPK2VE4nbKuvlFAQi8IJ1SxncGz8myVbye48RlYhZ-u5MXHX7MdL8ICxo5SGwn5-PX4RTnAe_U08&google_hm=Z2E5NzZiYzlkN2JlYWYzMjU4MmI=
Request Chain 271
  • https://cs.media.net/cksync?type=g&google_gid=CAESEHee-oaf6aA_2plzFFLURkg&google_cver=1&google_push=ASkJ3FazjfzO2-mXANM1o3yJz9J94FRcHl0lb3DgpRp5hoJQCv_aq2DltNfF3jTYLcSCxCBrWJG_xhDHdzmcOmUcDTVs2Kzi1USAXGi_YVS86zrI-WoolVZIdSrNlh99BaUrGsz5mt-kWz7HAlUxST7k7jU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEzODU2OTA1NzQ0NTU3MzAwMFYxMA%3d%3d&mn_hm=MzEzODU2OTA1NzQ0NTU3MzAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FazjfzO2-mXANM1o3yJz9J94FRcHl0lb3DgpRp5hoJQCv_aq2DltNfF3jTYLcSCxCBrWJG_xhDHdzmcOmUcDTVs2Kzi1USAXGi_YVS86zrI-WoolVZIdSrNlh99BaUrGsz5mt-kWz7HAlUxST7k7jU&gdpr=&gdpr_consent=
Request Chain 272
  • https://an.yandex.ru/mapuid/google/CAESEGnbqvSln8O31v7tajFQfJc?ext-param=ASkJ3FZQc1VXN3rQ4YzppDBDVLCcZIsbvZG5Bscz5sGmjq8WMhti174SwfvKDkCEMx42uCLLnng2YpmKvsgywW8usK0lbgkXFjmeoYQ6X6UiHRApRymlRl07ZBRcH0_zAQpYmyoPE_wOwRP5-plscZ9nwJBR&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEGnbqvSln8O31v7tajFQfJc?redir-setuniq=1&ext-param=ASkJ3FZQc1VXN3rQ4YzppDBDVLCcZIsbvZG5Bscz5sGmjq8WMhti174SwfvKDkCEMx42uCLLnng2YpmKvsgywW8usK0lbgkXFjmeoYQ6X6UiHRApRymlRl07ZBRcH0_zAQpYmyoPE_wOwRP5-plscZ9nwJBR&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGnbqvSln8O31v7tajFQfJc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 289
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 293
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4428618427978381074&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 294
  • https://match.adsrvr.org/track/cmf/openx?oxid=018c8901-b18c-752e-d11e-85aacdd98516&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=018c8901-b18c-752e-d11e-85aacdd98516&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a8f77359-9db5-4714-9b79-a4238e9812fb&ttd_puid=018c8901-b18c-752e-d11e-85aacdd98516&gdpr=0&gdpr_consent=
Request Chain 295
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y5c6iMCo5s8AADVtRYEAAAAA
Request Chain 296
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUgsXFXpKiQTks8ADxwUyKk9vs8AAAGFBrys3w
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK13ENJBhLnywW8HHIQiZbg&google_cver=1
Request Chain 299
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 300
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=a76b6397-3a8a-4800-a1c9-daac6428916b&gdpr=1&gdpr_consent=
Request Chain 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1331351485264205355
Request Chain 304
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhQa8qpTq3GXgrEopBCOuWaoYr4ENZNWKkQ
Request Chain 306
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCIr13JwGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 307
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RxzB1r6yjPTXO_nh_IyGTGmpy0UsH3byxxOnHBfI7wY
Request Chain 309
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGv6K5p1rhzOSrK_AMPESNU&google_cver=1
Request Chain 311
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
Request Chain 313
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 316
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 317
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Drkt%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3138569057445573000V10&type=rkt&refUrl=&vid=08553060333138569057445573000V10&ovsid=1972084068249698936
Request Chain 319
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dapx%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=apx&refUrl=&vid=08553060333138569057445573000V10&ovsid=117597611884616147
Request Chain 320
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dopx%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3138569057445573000V10&type=opx&refUrl=&vid=08553060333138569057445573000V10&ovsid=c9a0e09e-1a8c-4fce-b251-fbc47f3617ca
Request Chain 321
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dmma%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=mma&refUrl=&vid=08553060333138569057445573000V10&ovsid=eafc6397-3a8a-4d00-9076-f9217c251418
Request Chain 322
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dr1%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dr1%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3D%5BRX_UUID%5D&cb=1670855306944 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3052993830 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a8f77359-9db5-4714-9b79-a4238e9812fb HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6adccad7-27ff-4625-886f-a470ba92471c-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-6adccad7-27ff-4625-886f-a470ba92471c-004
Request Chain 323
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Ddxu%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Ddxu%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=dxu&refUrl=&vid=08553060333138569057445573000V10&ovsid=hwq3O7rq1P4JN85
Request Chain 324
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=d8b1dc40-f93e-47f9-8110-eee8d04156f2
Request Chain 325
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=ae11f77e-2cb5-4aa2-8ef9-45f050485375&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-.JyEwNRE2pl0AuJNEdkbhZBZvJ9wusJIugIhkA--~A&expires=5 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=4a4de29a-7eba-432a-bbe8-e0c014e3d592&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 326
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dzem%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=SqCuI-akEWQDToiD8uvb&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKTOFBXKSJNMFVUKV2RIRKG62KEHB2XMYRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDQNJVGMYDMMBTGMZTCMZYGU3DSMBVG42DINJVG4ZTAMBQKYYTAJTWONUWIPJTGEZTQNJWHEYDKNZUGQ2TKNZTGAYDAVRRGA
Request Chain 327
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3138569057445573000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3138569057445573000V10
Request Chain 328
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=a8f77359-9db5-4714-9b79-a4238e9812fb
Request Chain 330
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a8f77359-9db5-4714-9b79-a4238e9812fb&dongle=0cfd
Request Chain 331
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc1NDUwMjU2ODYyMTk1Nzc4NjkzMw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEFK4UrnyyiZJT3v5f4p5HM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 333
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc1NDUwMjU2ODYyMTk1Nzc4NjkzMw%3D%3D
Request Chain 334
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2754502568621957786933&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2754502568621957786933&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=72571d73-4406-4a18-8e11-fec7f36aa1d8&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=72571d73-4406-4a18-8e11-fec7f36aa1d8&_noobservation=1&_expected_cookie=7dd17bf851157838d959afc00e264d76
Request Chain 335
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2754502568621957786933&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=2754502568621957786933&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4a4de29a-7eba-432a-bbe8-e0c014e3d592&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522801271569356404&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522801271569356404&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0
Request Chain 336
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2754502568621957786933?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-yC5vqHpE2oT7iuAoDXB6u6eFR9oNUTgh5JhlD28Ywg--~A&dongle=0883
Request Chain 337
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2754502568621957786933 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2754502568621957786933&dcc=t
Request Chain 339
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=117597611884616147&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 344
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yOi54I3sMyCZ9UJqoqCf2Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C.V3cQhE2oIkPPXOoPJMfvOCTd3gzbWyuI_Fwg--~A
Request Chain 345
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBKW3TQF-1B-HY8J
Request Chain 346
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xPd8MEGnRt2kF48XwR-X5g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xPd8MEGnRt2kF48XwR-X5g
Request Chain 347
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLVzNUUUYtMUItSFk4Sg==
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFbfuuiT9-VjzEXRc28g5i8&google_cver=1
Request Chain 349
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 350
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI5NTJhNGQ4N2NjYTc2N2ViMmVjODNjYWQ5YmIxODViYzhlNzE3OQ
Request Chain 351
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=&expires=30
Request Chain 356
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 359
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=117597611884616147
Request Chain 360
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FzdkDRZH6wcc7iM_Sd6UxzWf
Request Chain 361
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FzdkCLZHSslaePjASBWsGmAi
Request Chain 362
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1670855306944 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6938377290 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a8f77359-9db5-4714-9b79-a4238e9812fb HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6adccad7-27ff-4625-886f-a470ba92471c-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-6adccad7-27ff-4625-886f-a470ba92471c-004
Request Chain 363
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=2019090387499638504
Request Chain 365
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F7094%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D7ca25c03-5145-422c-90fc-d6e334e34f01%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 366
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
Request Chain 367
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zNDM1OTk2OC1mYzRiLTNmZGYtYTBjZi1iY2RlNWE2ODAwOTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0zNDM1OTk2OC1mYzRiLTNmZGYtYTBjZi1iY2RlNWE2ODAwOTYyAhIaOAE=
Request Chain 368
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPH0MXB8oyrhSMF4g-k0Zro&google_cver=1
Request Chain 371
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a8f77359-9db5-4714-9b79-a4238e9812fb&expiration=1673447306&gdpr=0&gdpr_consent=
Request Chain 372
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&dcc=t
Request Chain 373
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5c6ivAg.JGYThEBey1VrwAA
Request Chain 374
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4356560833940453138
Request Chain 375
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=vgCwqD3o_-OIq-mvSePz&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD25THIN3XCRBTN5PS2T2JOEWW25STMVIHU
Request Chain 376
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=117597611884616147
Request Chain 377
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=087b220419d19e55720d8df9&expiration=[EXPIRATION]
Request Chain 380
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGHKdPz0bW2-8nw-CdUTX6s&google_cver=1&google_push=ASkJ3FbBXQDhGImoeNyJyhecUPWdbvv7hS7ZllKx4MFIEGxr3_gNGX2zWDieb_McsWm3yX7TiLUzg6fYb55cyStAbNtwWc4jddVr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=6vxjlzqKTQCQdvkhfCUUGA&google_push=ASkJ3FbBXQDhGImoeNyJyhecUPWdbvv7hS7ZllKx4MFIEGxr3_gNGX2zWDieb_McsWm3yX7TiLUzg6fYb55cyStAbNtwWc4jddVr
Request Chain 381
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJESHXxmevCZj9Ce6ie1n5E&google_cver=1&google_push=ASkJ3FZXgtjogEFcuDRRRY95VGbbvdXmnJS2bu7p02WmIwXVtjlEGGseH99oG0smsmDG-UGQTR-UUXZVKW3BEwP688o-Nreh9-xE HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJESHXxmevCZj9Ce6ie1n5E&google_cver=1&google_push=ASkJ3FZXgtjogEFcuDRRRY95VGbbvdXmnJS2bu7p02WmIwXVtjlEGGseH99oG0smsmDG-UGQTR-UUXZVKW3BEwP688o-Nreh9-xE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZXgtjogEFcuDRRRY95VGbbvdXmnJS2bu7p02WmIwXVtjlEGGseH99oG0smsmDG-UGQTR-UUXZVKW3BEwP688o-Nreh9-xE&google_hm=cmcSPsdbSD6Tle3kE0XWLA==
Request Chain 382
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC_LjlQ9fU37Q0RwVM3swM0&google_cver=1&google_push=ASkJ3FYO5GkD_E_6FxoZ5PJxOiMOFujl8PWPm_Q7g7_KiPHVvoAVHvy14o4PCyKS_cqCsTjRIA57B7mguEJHfJOrPZUAAy0bxLX1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ1MDI3MzkzNDc4OTQ5MDU3OQ&google_push=ASkJ3FYO5GkD_E_6FxoZ5PJxOiMOFujl8PWPm_Q7g7_KiPHVvoAVHvy14o4PCyKS_cqCsTjRIA57B7mguEJHfJOrPZUAAy0bxLX1
Request Chain 383
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJ1nJQ2lKtzoiMaZEir33Ww&google_cver=1&google_push=ASkJ3Faggx_C9cVkrrpoRuu7TZyNjvbTD3XQ1S_9DSvedb3szGTj8MyX5nMgn3ZayOuwNH11md0rtyuoYdp-OCmbFGXNxlr1AsU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=0ee390ef&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3Faggx_C9cVkrrpoRuu7TZyNjvbTD3XQ1S_9DSvedb3szGTj8MyX5nMgn3ZayOuwNH11md0rtyuoYdp-OCmbFGXNxlr1AsU
Request Chain 385
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEC6tMVAx2SQhrK0iOMjFw7w&google_cver=1&google_push=ASkJ3FY8wXA-nvv2eIwDYV_zTYUEMRngZUSdLa65rusnkB012V1aPLR2MOAgRyOUO7Z8z8_a8d0u8lj_ANA_D30TXJ4emngB6J1oog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDhkMGQxYTItMjJmYi00ODUzLWFjZjQtNzg0YjJmNjgxMWZk&google_push=ASkJ3FY8wXA-nvv2eIwDYV_zTYUEMRngZUSdLa65rusnkB012V1aPLR2MOAgRyOUO7Z8z8_a8d0u8lj_ANA_D30TXJ4emngB6J1oog
Request Chain 388
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=117597611884616147
Request Chain 390
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB
Request Chain 391
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5c6iwADbqhd7AAo HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5c6iwADbqhd7AAo&_test=Y5c6iwADbqhd7AAo
Request Chain 392
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=SWqtnkw4rJ9SP6afHmy5nE869ZBSPPfKGzpxexTa
Request Chain 394
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=087b220419f9cd3ff514e707&expiration=[EXPIRATION]
Request Chain 395
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&dcc=t
Request Chain 399
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhQa8sABTYaB4zCx1e4Ts4J2i8C4eaEFtBw
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGv6K5p1rhzOSrK_AMPESNU&google_cver=1
Request Chain 402
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
Request Chain 403
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LBKW3TQF-1B-HY8J&gdpr=0
Request Chain 404
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=117597611884616147
Request Chain 406
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=1635681172013442184
Request Chain 407
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UiACcel3Dqblh3JScc3UJ1z6ezy-OHj3HE9Iv8glx4c
Request Chain 408
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8450273934789490579 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 409
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
Request Chain 410
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
Request Chain 411
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=tPPOobGhz6CvpsWg4_Xao7Kjlq-vpZT15qP-JTyY
Request Chain 417
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=117597611884616147
Request Chain 418
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_d96a13a3-1a1e-4752-aa40-1d7cbe5d4132&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=ae11f77e-2cb5-4aa2-8ef9-45f050485375
Request Chain 420
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_d96a13a3-1a1e-4752-aa40-1d7cbe5d4132&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=bTi25SH6UZmOQAI506d0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YSUNEZDKU2IGZKVU3KPKFAUSNJQGZSDAJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Request Chain 421
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2717262021 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a8f77359-9db5-4714-9b79-a4238e9812fb HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6adccad7-27ff-4625-886f-a470ba92471c-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-6adccad7-27ff-4625-886f-a470ba92471c-004
Request Chain 422
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=5tzNNy1jEaYy&ev=1&pid=558355
Request Chain 424
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=f6b12d71-9999-4d78-b665-954705898450
Request Chain 434
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 436
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=a8f77359-9db5-4714-9b79-a4238e9812fb
Request Chain 437
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
Request Chain 438
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5c6iwAADtGUAQAe HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y5c6iwAADtGUAQAe&gdpr=0&gdpr_consent=&_test=Y5c6iwAADtGUAQAe
Request Chain 441
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5c6iMCo5s8AADVtRYEAAAAA
Request Chain 442
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5c6ivAg.JGYThEBey1VrwAA%265337
Request Chain 443
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
Request Chain 444
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 446
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
Request Chain 447
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y5c6iwADeV6QWQAp HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5c6iwADeV6QWQAp&gdpr=0&gdpr_consent=&_test=Y5c6iwADeV6QWQAp HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 448
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=117597611884616147&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 449
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KoDSnS_S05wx1dmcfYbGnyzQipMx1ojJeNCjcDSk
Request Chain 451
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZvxgjxxZQ5CLhvnAJqK9Ww%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 452
  • https://idsync.rlcdn.com/420486.gif?partner_uid=66FC608F-1C59-4390-8B86-F9C026A2BD5B HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=1d6b8db7bbd82361fa59b0141d4c6347ec03bd3eaafa156d92ca534052750685791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxZDZiOGRiN2JiZDgyMzYxZmE1OWIwMTQxZDRjNjM0N2VjMDNiZDNlYWFmYTE1NmQ5MmNhNTM0MDUyNzUwNjg1NzkxNDI2YjU0MTdkY2UyMRAAGgwIjPXcnAYSBAgCEABCAEoA
Request Chain 453
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=eafc6397-3a8a-4d00-9076-f9217c251418
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjZGQzYwOEYtMUM1OS00MzkwLThCODYtRjlDMDI2QTJCRDVC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 455
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECQx6nophEJskcXD5YAXbKs&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 458
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
Request Chain 459
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=66FC608F-1C59-4390-8B86-F9C026A2BD5B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-75GlkqdE2uWNNQ5.HhbsSjadEMkwI7I-~A&gdpr=0&gdpr_consent=
Request Chain 466
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=31356468e78cb08a7c7660e1ecd0fc93&gdpr=0&gdpr_consent=0
Request Chain 468
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=08d0d1a2-22fb-4853-acf4-784b2f6811fd&gdpr=0
Request Chain 469
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=0ee390ef
Request Chain 471
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LBKW3TQF-1B-HY8J HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBKW3TQF-1B-HY8J
Request Chain 474
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LBKW3TQF-1B-HY8J HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LBKW3TQF-1B-HY8J

472 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
www.bg3.co/a/ 		51 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8446cd29c8c42825dba51a9fce9cd24e34923d54b6d395853eb4a3b54c691131

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Dec 2022 14:28:12 GMT
ETag
"cd76-fKOXWVRAGiKucRz4L+eNZeC11CI"
Expires
Mon, 12 Dec 2022 15:28:12 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
bf6f60a055b019602629d95982d61eced679e3cbde3e55c32dce65f1342f1578
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 12 Dec 2022 14:28:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72696
x-xss-protection
0
server
sffe
etag
"11d3192c948151e4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 12 Dec 2022 14:28:13 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
46fd03ad0e7c040579da228f8f3fb42d3f001bba54b18b191129c1e28426809d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 12 Dec 2022 14:28:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9658
x-xss-protection
0
server
sffe
etag
"277fa370290e80bc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 12 Dec 2022 14:28:14 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
dfc1ae905584b3fe8354704d515e61dc46633c8c336bd03ca8cc6e5a9ee827eb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 12 Dec 2022 14:28:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7577
x-xss-protection
0
server
sffe
etag
"1fc5fc3dbf11f9c2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 12 Dec 2022 14:28:13 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
f2b1394c266679234f8815d286939c77adabf3f435cdf5abd572df9279c8625f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 12 Dec 2022 14:28:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31960
x-xss-protection
0
server
sffe
etag
"06ffb2d97fe92d88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 12 Dec 2022 14:28:14 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4267
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44566
last-modified
Wed, 16 Nov 2022 08:39:32 GMT
server
cloudflare
etag
"6374a1c4-ae16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcXCR0438SBJo0SOnIxAVwHn9bZym9BKSWqJJjnvYYxySqXhqXJkoZ6543tYd%2FWZqy8Z%2BSyW5P6VAVfy1pHX%2FfP0oQofXAK0%2BMgGxIaVMGsMT8qPCZ%2FPX%2BHP99EaN9Jf3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
778725345b70a961-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
38699d129a523f13737145cdae16928a789fbc5a3398c6107f133f133a39d080

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Mon, 12 Dec 2022 14:28:14 GMT
content-encoding
br
last-modified
Mon, 12 Dec 2022 08:00:31 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=20, origin; dur=223
x-cf-geodata
NZ
content-length
9195
expires
Mon, 12 Dec 2022 15:28:14 GMT
adpushup.js
cdn.adpushup.com/42753/ 		518 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Mon, 12 Dec 2022 14:28:14 GMT
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:46:28 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=7
x-cf-geodata
NZ
content-length
114452
expires
Mon, 12 Dec 2022 15:28:14 GMT
883629ff47866b7825d16be4d5940824.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/883629ff47866b7825d16be4d5940824.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
de296fa30694f80b8bfd1b3d35f978d7.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/de296fa30694f80b8bfd1b3d35f978d7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e555540b83bd59710088ce7589a20300.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e555540b83bd59710088ce7589a20300.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
416d19f5c16e0d9f5bdb880964ce8611.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/416d19f5c16e0d9f5bdb880964ce8611.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ea742c87b706b9a4024f94e70c03cad5.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ea742c87b706b9a4024f94e70c03cad5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c42a59e20f7550982a33e981bc27eb55.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c42a59e20f7550982a33e981bc27eb55.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ba930db0a1bbc624680a08cf0331e2a6.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ba930db0a1bbc624680a08cf0331e2a6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
493708045b2472b42b0a71e9ab553565.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/493708045b2472b42b0a71e9ab553565.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
42012131453261223f9707b69ef8e941.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/42012131453261223f9707b69ef8e941.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7b786e34d19afadb0dab40df0f99234a.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/7b786e34d19afadb0dab40df0f99234a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f2a28ac34330bc40e3282585ecef241b.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f2a28ac34330bc40e3282585ecef241b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
737bf281f0301eb5f4efc08d28100af2.jpg
static.bg3.co/imgs/202109/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/737bf281f0301eb5f4efc08d28100af2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
efb15eac2921868ca99e138343e27ea1.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/efb15eac2921868ca99e138343e27ea1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4662f13ca7dc0ea266ea5a1f78c22362.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/4662f13ca7dc0ea266ea5a1f78c22362.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
76f7162d796c184607a078b395be3868.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/76f7162d796c184607a078b395be3868.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211250451000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211250451000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
73761714541df3d1ab550de43c590774bb5f2b2b61a47f1d1ca26cdfd548947a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Dec 2022 22:41:24 GMT
age
143212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2991
x-xss-protection
0
server
sffe
etag
"dcdd55c0613f0957"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 10 Dec 2023 22:41:24 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211250451000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211250451000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
877867e00430940d315048a852e94d02574bcf6be9bca197a14f30427323667a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 11 Dec 2022 16:30:49 GMT
age
79047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23083
x-xss-protection
0
server
sffe
etag
"0cc6b80380f4a1b6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Dec 2023 16:30:49 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
934 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
6a9414baa5c5b9c250487e0c806a08c69ff92914382db9f03bfde147c8bcc3a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
493
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211250451000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211250451000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
8f020d78a98d87a0c9e91cc4fd4cfa00128a0b716aa3ae48da1958c55ad222fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 08 Dec 2022 18:01:58 GMT
age
332778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3940
x-xss-protection
0
server
sffe
etag
"108ff93a1e52b9c8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 08 Dec 2023 18:01:58 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1711
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BNa2wTrA58MUFLeB63pcL8kraMSfhVE3Rj4QFtxD30ze8Nop1DuDK7T%2F1bwXMwFdM%2BUmItpInhwkUgxEnvHLsSVluETcx0CM6fvp%2Bb1%2BVGyn8EGTqFCFO6zaw%2BcPSR%2F6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
778725363c5ea961-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43ede94b0cc7dd8b2e3a22b8171332baaa72d694d355ccaa506103338b7d3c15

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:15 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43ede94b0cc7dd8b2e3a22b8171332baaa72d694d355ccaa506103338b7d3c15

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:15 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.4736355857899508&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:15 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.2445539316403642&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:15 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:17 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJGR3ZwGEogBCiQ2NTYyOGZhYi1jZmVjLTRlMWYtODc1OC0wYzAzNGQ4YjdjZTkQ+OiCoKvU+wIaBgiB9dycBiINMTE2LjkwLjc0LjIxNSjQmwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGJmZDM0NWI5LWNjYzgtNGExMC1iNTE4LTY0ZmU4NmQ1ZGFjMhi46QE=.ir3O2etJCGPKHwpgP5Xyjl19cdvkaigvbd/hZ1A+Bko=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1670855297.dop208.la3.t,1670855297.cds213.la3.hn,1670855297.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:17 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJGR3ZwGEogBCiQ0MjJhODY3My0zOWY4LTRlNTgtYTI5OC05NmM5YjIzNTg2NTkQ+OiCoKvU+wIaBgiB9dycBiINMTE2LjkwLjc0LjIxNSjQmwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGQ0OGZlMTMwLWMzYTAtNDJjZC1iM2QwLTcxYjBhNzRiNGUyNhib8QE=.O/N7Eyy4ybyrakVQhZL926n4aq77J/c1TltDZ0xBqsA=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1670855297.dop208.la3.t,1670855297.cds213.la3.hn,1670855297.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211250451000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211250451000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0fe25e11cf66e27cbd81c5224de3ce4679885baf5c0b9fc4e6adb7c969a28316
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 08 Dec 2022 18:02:19 GMT
age
332757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10289
x-xss-protection
0
server
sffe
etag
"73d8a5207c1ad4a4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 08 Dec 2023 18:02:19 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 48F3 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
35fe2714ccde61e15f0a7852ab9b333ac47361a8470994da3855d2cdad8ca05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34091
x-xss-protection
0
server
cafe
etag
17238724122355897099
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 14:28:15 GMT
gtag.json
cdn.ampproject.org/rtv/012211250451000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211250451000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 08 Dec 2022 18:01:40 GMT
age
332795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"50d055a9eca0f95b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 08 Dec 2023 18:01:40 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2BB0 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
14e4b82e72ca592dcccfa168d05bf08639a47b493674555dd10d647428912843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34171
x-xss-protection
0
server
cafe
etag
2725486569081692460
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 14:28:15 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 6B19 		1003 B
914 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07df915eecf7938b5554497a4a5095bcb62603976bbee787ba56b4426365f045

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1720
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7787253cf88baad8-SYD
content-encoding
br
content-type
text/html
date
Mon, 12 Dec 2022 14:28:15 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22%2BkA6xh9Zu51bYNcAgbTHHcrK5VARelDbsVr%2BXD8YxYF3o%2B2ZUEJW0ME2BCnv%2Fqd%2BvVI8hsBoaJ%2F7HPNZNnN4HFFu0HqYi0cAYN0YZsV%2FumWJBbl%2B29w2kZwbqvR9O1rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:17 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 21B2 		1003 B
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d42afbed51d06beb9e4ab3e0c12d3c6c0933e5a1410b3ef94ce6ee0077cde7

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1720
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7787253d0893aad8-SYD
content-encoding
br
content-type
text/html
date
Mon, 12 Dec 2022 14:28:15 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuihehnZ4UvjJBg8QGT7sr3kbMi0Bnj9cDi3jRWpinZebNEkt44SZf8mqHlqTAedK0wskN95e14oU607RbJlvyw6YBkqEhdackW%2BxPt6P4gMZB4nEFKZ0CqJWFaQHWs%2FvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rocket-loader.min.js
cdn.aralego.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 6B19 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Dec 2022 18:45:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6390df59-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2jP%2FtVQtgYq1OWdeIGR0U0Qgr4XoURrFcoDFj69rVtd8JL20Ar9t146RfPYn1K6PvgVu0SlaXxnTCXRAu%2BkZJvl7aVPETl1KizY0hGvP%2FwsmAiWsk9IJ79hyfJsAAhgHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7787253e092eaad8-SYD
expires
Wed, 14 Dec 2022 14:28:15 GMT
rocket-loader.min.js
cdn.aralego.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 21B2 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Dec 2022 18:45:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6390df59-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzk8K5bUSOJ%2B89OcuDFyvSV0dIFFrONx0h9cuQcjk0PaWbWs%2ByA44g9%2F9eQCMEHP4fnqIe6AFA94FDfB5IGiDHolD9m9hLUZRcO1sY1z%2F0s0%2Fz%2F8mbeyC%2FHsGHlHsafBxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7787253e1935aad8-SYD
expires
Wed, 14 Dec 2022 14:28:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6B19 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
7f2ddf88e0baf7c39f74a0c6dd396b8e611bc18c18c3d0cb179f579ec56cd2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1419 / 319 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Dec 2022 14:28:19 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 21B2 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
e6cb1293dd91b2446f363ff95710128ae90197d33cb70bbc70b35f7609d4b267
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1419 / 655 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Dec 2022 14:28:19 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Mon, 12 Dec 2022 14:28:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ Frame 2BB0 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
75cbae1b4b979d7cbd3221a5379672c4ddd67f1d2470ca776efed180d0375e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119788
x-xss-protection
0
server
cafe
etag
10496253485193560295
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 14:28:17 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/ Frame 48F3 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
1e5edc902cbde58b027562bab0c91259272b9ec1b2641c4a0020a5c4c1b69728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119774
x-xss-protection
0
server
cafe
etag
14940088122359976905
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 14:28:17 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%B5%B4%E6%AD%A6%E6%BC%A2%E5%B0%8B%E7%96%AB%E6%83%85%E8%B5%B7%E6%BA%90%20WHO%EF%BC%9A%E6%89%BE%E5%88%B0%E9%87%8D%E5%A4%A7%E7%B7%9A%E7%B4%A2%E4%BA%86%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-heprdNQx8f6KCm-zEtg9yg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.545329693362467&gjid=0.8179220719372016&_r=1&a=7644&z=0.9355873714583212&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211250451000/v0/ 		215 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211250451000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
b17c983a08120b50fc7a1b16c9c909983790ba35642223aa24c9188c5c26db4e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 11 Dec 2022 05:40:22 GMT
age
118075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57950
x-xss-protection
0
server
sffe
etag
"a072373a85684010"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Dec 2023 05:40:22 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-1273038416797963012.ampproject.net/2211250451000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-1273038416797963012.ampproject.net/2211250451000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1670855297796
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Mon, 12 Dec 2022 14:28:18 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Mon, 12 Dec 2022 15:28:18 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 48F3 		379 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
708e62ac096a55b6b6018b0189b9dc1bbd8130d356d540c3c00a7d2b87bb2ca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 48F3 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 48F3 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F97A 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296432&bpp=18&bdt=2046&idt=1387&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=2&ga_vid=596370892.1670855298&ga_sid=1670855298&ga_hid=744263272&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1828&biw=1600&bih=1200&isw=336&ish=280&ifk=2011414921&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071113%2C31071267&oid=2&pvsid=1346008572914845&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vc5dpnc3umc0&btvi=1&fsb=1&dtd=1406
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
d7b90c8f0eb030c74b9d8eeba0f9b11a9420e00a7dac6047d944147bb6a9131b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9939
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:18 GMT
expires
Mon, 12 Dec 2022 14:28:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 2BB0 		379 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
c4b9bdabb1ffa597eae9b9d56c6f0d963b6ba9644c10341cb47df1a083a3b77c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 2BB0 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2BB0 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D356 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296329&bpp=16&bdt=1964&idt=1528&shv=r20221206&mjsv=m202212070101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=1&ga_vid=1757765834.1670855298&ga_sid=1670855298&ga_hid=1653522079&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2379225532&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44779793%2C31071267&oid=2&pvsid=3172550417314986&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ao631gx25ckg&fsb=1&dtd=1547
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
4815b2641e793381617f60dea9a1f28aa4a1a27d12f1fc3214c057ea08fb7152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9939
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:18 GMT
expires
Mon, 12 Dec 2022 14:28:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Mon, 12 Dec 2022 14:28:19 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=11
content-length
94168
expires
Tue, 12 Dec 2023 14:28:19 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Mon, 12 Dec 2022 14:28:19 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
211
expires
Tue, 12 Dec 2023 14:28:19 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
eea7f2becc647238abd72cc42f3f1892bc2a2204136bc0d4b989ebd8c13a0dda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
br
last-modified
Mon, 12 Dec 2022 04:53:17 GMT
server
nginx/1.18.0
etag
W/"6396b3bd-12bdd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=453
content-length
18111
expires
Mon, 12 Dec 2022 15:28:20 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
0efe5a2440bc8207ce66ffdef2f4f59e6cdbcf0b02da8ebd623df6e8344167d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1419 / 802 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Dec 2022 14:28:19 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:19 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzA4NTUyOTgxNTEsInBhY2tldElkIjoiMDAwMEE3MDEtODg3NjUxYjctMDM5Ny00YzY2LWJmMmUtODM2MjdjNmJmMDA4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Z1LXd1LXlpLXh1bi15aS1xaW5nLXFpLXl1YW4td2hvLXpoYW8tZGFvLXpob25nLWRhLXhpYW4tc3VvLWxpYW8uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=6837.60000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:19 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzA4NTUyOTgxNTIsInBhY2tldElkIjoiMDAwMEE3MDEtODg3NjUxYjctMDM5Ny00YzY2LWJmMmUtODM2MjdjNmJmMDA4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Z1LXd1LXlpLXh1bi15aS1xaW5nLXFpLXl1YW4td2hvLXpoYW8tZGFvLXpob25nLWRhLXhpYW4tc3VvLWxpYW8uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=6838.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:19 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzA4NTUyOTgxNTIsInBhY2tldElkIjoiMDAwMEE3MDEtODg3NjUxYjctMDM5Ny00YzY2LWJmMmUtODM2MjdjNmJmMDA4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Z1LXd1LXlpLXh1bi15aS1xaW5nLXFpLXl1YW4td2hvLXpoYW8tZGFvLXpob25nLWRhLXhpYW4tc3VvLWxpYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19&c_b=6838.700000762939
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:19 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:19 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
593
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Mon, 12 Dec 2022 18:28:19 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzA4NTUyOTgxNTcsInBhY2tldElkIjoiMDAwMEE3MDEtODg3NjUxYjctMDM5Ny00YzY2LWJmMmUtODM2MjdjNmJmMDA4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Z1LXd1LXlpLXh1bi15aS1xaW5nLXFpLXl1YW4td2hvLXpoYW8tZGFvLXpob25nLWRhLXhpYW4tc3VvLWxpYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=6843.60000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:19 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzA4NTUyOTgxNjAsInBhY2tldElkIjoiMDAwMEE3MDEtODg3NjUxYjctMDM5Ny00YzY2LWJmMmUtODM2MjdjNmJmMDA4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Z1LXd1LXlpLXh1bi15aS1xaW5nLXFpLXl1YW4td2hvLXpoYW8tZGFvLXpob25nLWRhLXhpYW4tc3VvLWxpYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=6846.400000572205
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:19 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 45AF 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-29616180041933787486&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2982&oid=2&is_amp=5&amp_v=2211250451000&d_imp=1&c=869007644&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&ga_hid=7644&dt=1670855297656&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&bdt=4861&dtd=691&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211250451000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:18 GMT
expires
Mon, 12 Dec 2022 14:28:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame F97A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CCHQvgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSDAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0yS6zfOc265ySg3p1xwCKyJ4xjRBrezPvaEeZd1_YX6xyB_tRdFaABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=EdmEtItoVOw&uach_m=[UACH]&cid=CAQSGwDq26N9fWmmuN-dak3jYVltDyYXx2zftxmQbxgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296432&bpp=18&bdt=2046&idt=1387&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=2&ga_vid=596370892.1670855298&ga_sid=1670855298&ga_hid=744263272&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1828&biw=1600&bih=1200&isw=336&ish=280&ifk=2011414921&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071113%2C31071267&oid=2&pvsid=1346008572914845&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vc5dpnc3umc0&btvi=1&fsb=1&dtd=1406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296432&bpp=18&bdt=2046&idt=1387&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=2&ga_vid=596370892.1670855298&ga_sid=1670855298&ga_hid=744263272&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1828&biw=1600&bih=1200&isw=336&ish=280&ifk=2011414921&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071113%2C31071267&oid=2&pvsid=1346008572914845&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vc5dpnc3umc0&btvi=1&fsb=1&dtd=1406
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 12 Dec 2022 14:28:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 12 Dec 2022 14:28:19 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame F97A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k-qNEp_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQgjqXYzypnttZBBp4y3FFABIAAA&wp=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296432&bpp=18&bdt=2046&idt=1387&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=2&ga_vid=596370892.1670855298&ga_sid=1670855298&ga_hid=744263272&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1828&biw=1600&bih=1200&isw=336&ish=280&ifk=2011414921&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071113%2C31071267&oid=2&pvsid=1346008572914845&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vc5dpnc3umc0&btvi=1&fsb=1&dtd=1406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
140353
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 7F5A 		165 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296432&bpp=18&bdt=2046&idt=1387&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=2&ga_vid=596370892.1670855298&ga_sid=1670855298&ga_hid=744263272&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1828&biw=1600&bih=1200&isw=336&ish=280&ifk=2011414921&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071113%2C31071267&oid=2&pvsid=1346008572914845&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vc5dpnc3umc0&btvi=1&fsb=1&dtd=1406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
853791586b98204d9dd999cc8e57fc18b18c7f8394b8f1865a47fd361c1e4ca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:18 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=r5ZBsmfqe4STNYbESdvyeXoHV8FcS0Mv9qCM5YNCHOMtRsx2EOOVB5nBCookhzD1CZCEXZat_scwmi0jmbiswHsFnDJV_FrQJJvqC8kvfxqwak5Oc9nU_9bBTPTqzTxgTJpChQ0_i9cQ3TY6rYh0jolJqgiJji4ld1DPi70QOzA154532pj_WnIz7OpT-F4cFiokwIdn-I16740wLhREahMPIDA_IO_I4iHplB9sJWdXY-jxlQ5r98s3zYAwpdt8sXmQ-A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
46883117
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame F97A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296432&bpp=18&bdt=2046&idt=1387&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=2&ga_vid=596370892.1670855298&ga_sid=1670855298&ga_hid=744263272&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1828&biw=1600&bih=1200&isw=336&ish=280&ifk=2011414921&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071113%2C31071267&oid=2&pvsid=1346008572914845&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vc5dpnc3umc0&btvi=1&fsb=1&dtd=1406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 18:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
71057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 18:44:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame F97A 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296432&bpp=18&bdt=2046&idt=1387&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=2&ga_vid=596370892.1670855298&ga_sid=1670855298&ga_hid=744263272&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1828&biw=1600&bih=1200&isw=336&ish=280&ifk=2011414921&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071113%2C31071267&oid=2&pvsid=1346008572914845&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vc5dpnc3umc0&btvi=1&fsb=1&dtd=1406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
32372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 05:28:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F97A 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296432&bpp=18&bdt=2046&idt=1387&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=2&ga_vid=596370892.1670855298&ga_sid=1670855298&ga_hid=744263272&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1828&biw=1600&bih=1200&isw=336&ish=280&ifk=2011414921&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071113%2C31071267&oid=2&pvsid=1346008572914845&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vc5dpnc3umc0&btvi=1&fsb=1&dtd=1406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:28:22 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D356 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cx1jhgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSVAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIctrOsKI9Yrz1B25jr5w0Uyi4pW4K3VRmldM4phrGNCLmxgMZUJDOmABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=aVzWOz0BJ2Y&uach_m=[UACH]&cid=CAQSGwDq26N9dr6jNE47F-xrnAYI0z1hCQQFWNkcFhgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296329&bpp=16&bdt=1964&idt=1528&shv=r20221206&mjsv=m202212070101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=1&ga_vid=1757765834.1670855298&ga_sid=1670855298&ga_hid=1653522079&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2379225532&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44779793%2C31071267&oid=2&pvsid=3172550417314986&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ao631gx25ckg&fsb=1&dtd=1547
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296329&bpp=16&bdt=1964&idt=1528&shv=r20221206&mjsv=m202212070101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=1&ga_vid=1757765834.1670855298&ga_sid=1670855298&ga_hid=1653522079&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2379225532&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44779793%2C31071267&oid=2&pvsid=3172550417314986&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ao631gx25ckg&fsb=1&dtd=1547
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 12 Dec 2022 14:28:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 12 Dec 2022 14:28:19 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame D356 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k-qNEp_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQgjqXY43dtkoJwDjuAKPjABIAAA&wp=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296329&bpp=16&bdt=1964&idt=1528&shv=r20221206&mjsv=m202212070101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=1&ga_vid=1757765834.1670855298&ga_sid=1670855298&ga_hid=1653522079&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2379225532&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44779793%2C31071267&oid=2&pvsid=3172550417314986&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ao631gx25ckg&fsb=1&dtd=1547
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
184647
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame EB97 		172 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296329&bpp=16&bdt=1964&idt=1528&shv=r20221206&mjsv=m202212070101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=1&ga_vid=1757765834.1670855298&ga_sid=1670855298&ga_hid=1653522079&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2379225532&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44779793%2C31071267&oid=2&pvsid=3172550417314986&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ao631gx25ckg&fsb=1&dtd=1547
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
d42b8d678031d9d6ee15d5b554f41a4047c1d3b608584afc8c6e639e7e3f46bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:19 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=sMXAYGfqe4STNYbEVag-00--1tXGVpScl3ya-Nqc4XUOB660OEcg8e5TC0H6VWiOQDrUo63armvFlyzwD_FeS_Dm82WHRHph0KcWvWpEh078tm-fckwhjUiuJbKueXNANS-yBZR0UuKhoF-bEsoJzmNPXbkygJtJ1vUgEYnfAoFy2TzGFP0IbCbbgiStaofh9JhYGuQexPAfu4INxFbKWHbmRFSX6AM7LA8hE0nOCHoujRsWuc-6lXjfVc0lbs-Wh9e7hQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
48010541
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame D356 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296329&bpp=16&bdt=1964&idt=1528&shv=r20221206&mjsv=m202212070101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=1&ga_vid=1757765834.1670855298&ga_sid=1670855298&ga_hid=1653522079&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2379225532&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44779793%2C31071267&oid=2&pvsid=3172550417314986&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ao631gx25ckg&fsb=1&dtd=1547
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 18:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
71057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 18:44:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame D356 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296329&bpp=16&bdt=1964&idt=1528&shv=r20221206&mjsv=m202212070101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=1&ga_vid=1757765834.1670855298&ga_sid=1670855298&ga_hid=1653522079&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2379225532&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44779793%2C31071267&oid=2&pvsid=3172550417314986&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ao631gx25ckg&fsb=1&dtd=1547
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
32372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 05:28:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D356 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296329&bpp=16&bdt=1964&idt=1528&shv=r20221206&mjsv=m202212070101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=1&ga_vid=1757765834.1670855298&ga_sid=1670855298&ga_hid=1653522079&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2379225532&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44779793%2C31071267&oid=2&pvsid=3172550417314986&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ao631gx25ckg&fsb=1&dtd=1547
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:28:22 GMT
truncated
/ Frame F97A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0386e6cb985cea5204d7c7a6ac9257953c5db5b0572bd2263e33ebb472927716

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D356 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
179b5d27132a82d24c347051513936d5c49a2df17c6cc3444aae986096d170e6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022120601.js
securepubads.g.doubleclick.net/gpt/ Frame 6B19 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 12:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
526899
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132161
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 09:39:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Dec 2023 12:06:41 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7F5A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:20 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 7F5A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7F5A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 07 Dec 2023 14:28:20 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7F5A 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 07 Dec 2023 14:28:20 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 7F5A 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=dUn0w_75XM3tyKw0QFopdBT6cT2P_iA0ugQb8tnrBWZCuiYYlXub5txQtfT8cgCewfPJ8cI9lVMKcajSA6Vtr3AKLeGOXxgC0qY9mdX6hobE1P84pPfIKCrpf_PPcUX8xvqbTKJm-IlZ9dOfJU3mUuNDGLxRv3OwKcC9YTfm789acYNr_STCIawdqCBmE9zMO2VxY_E_6TQBTNsYlNbzQPy-hVfT18PBmijOrlXa9FgvZtN3I5YdCNVWtEIGpGkbhRKLzdR0eA3zKBqQ9VL8MR7lNO-ekSI7tmOqFBHKXMaOSSFJws60nJCvK-G1rk58AhEfKWO3WAxmgZ26szc37vZ_HnOsH5ykEmA63n8m_yJCzRdMhpWL6-Thr0Q3os_vV9FTZhxpCJOKJkHhpmBKorcoFNQJrRfUjhLAh_iDiIOSEyWL
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3016097
expires
Mon, 26 Jul 1997 05:00:00 GMT
795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
static.criteo.net/design/dt/ Frame 7F5A 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-cbac"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:20 GMT
1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
static.criteo.net/design/dt/ Frame 7F5A 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-50d0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:20 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7F5A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
418327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krhhH3CfRac3IhFzf7vosrYFMuniwrxWzdWVR7%2FSd8%2BYF7%2Fb%2FskwvU0UcLd4kVPpj1E5DiboCtj72XNnr5hIvwLtWXiAZqfuckyFUGQM%2B0yAqnM5WApGrJoynWkRK8dVutH51DfU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7787255f0ec6a829-SYD
expires
Sat, 02 Dec 2023 14:28:20 GMT
pubads_impl_2022120701.js
securepubads.g.doubleclick.net/gpt/ Frame 21B2 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 11:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132289
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 09:34:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Dec 2023 11:50:48 GMT
animejs.js
static.criteo.net/animejs/ Frame 7F5A 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:20 GMT
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
gzip
etag
"KvGSi9leJgKNKEGESzHjYw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 19 Dec 2022 14:28:20 GMT
7395b51838104e93b35090bac8fa5639_cpn_336x280_1.jpg
static.criteo.net/design/dt/85833/221202/ Frame 7F5A 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85833/221202/7395b51838104e93b35090bac8fa5639_cpn_336x280_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
160a0ae1429f0dc06b33c95765a37fa96bc032e333fb6ad6327da181e730af8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 02 Dec 2022 13:28:23 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6389fd77-607f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
24703
expires
Thu, 07 Dec 2023 14:28:20 GMT
img
pix.as.criteo.net/img/ Frame 7F5A 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=152&m=0&partner=85833&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F55107%2F210723%2Fe9cd2ec2f5594aef93573b54d93251c1_brandlogo.png&v=3&w=668&s=Plfybc99RBiiwXw0FK6zcWVJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27429557
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23355
expires
Thu, 26 Oct 2023 01:47:39 GMT
img
pix.as.criteo.net/img/ Frame 7F5A 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5556953_png%2Fthe-little-mermaid--limited-edition-swarovski-5556953.png&v=3&w=400&s=6TbXhE-XLC1G3jFvBYSivPza&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3b2d5da22437f8bf5796d57c4a4dcf018773e5a48c8885671c810149777d7b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28067249
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28184
expires
Thu, 02 Nov 2023 10:55:50 GMT
img
pix.as.criteo.net/img/ Frame 7F5A 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5494230_png%2Fswarovski-power-collection-bracelet--beige-swarovski-5494230.png&v=3&w=400&s=v7T9Lsl8pxLeGvenGgdbotm8&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b396002a752cafc6957dca3dc447ccc045d5447ea8c21c9dec482ce39a7bf532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31103918
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30682
expires
Thu, 07 Dec 2023 14:26:59 GMT
img
pix.as.criteo.net/img/ Frame 7F5A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5636567_png%2Fmillenia-drop-earrings--round-cut--black--rhodium-plated-swarovski-5636567.png&v=3&w=400&s=AuqyPq0iGbv3ETD-S-uwXAAf&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
802a61c6dd1783d38b7ed0cb19637dab75797cdcd8902c3b291d8f5fd374fa45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27983242
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9146
expires
Wed, 01 Nov 2023 11:35:44 GMT
img
pix.as.criteo.net/img/ Frame 7F5A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5613740_png%2Fgema-drop-earrings--asymmetrical-design--mixed-cuts--long--multicoloured--rhodium-plated-swarovski-5613740.png&v=3&w=400&s=GmaMXzpD9JFD-Jg6vZ3bKdAx&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
21295c187205746a49fa6654b6bff00a75127e2c58d51a5432802c03ec09632b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27636013
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11900
expires
Sat, 28 Oct 2023 11:08:34 GMT
img
pix.as.criteo.net/img/ Frame 7F5A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5646718_png%2Fattract-trilogy-drop-earrings--round-cut--green--rhodium-plated-swarovski-5646718.png&v=3&w=400&s=rt748iczdRc5ZjXeZmBSuaL6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
15f1b58ead79c83219c0f09582b331fb46234a195d3f07716d56da237fa93638
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28315235
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10460
expires
Sun, 05 Nov 2023 07:48:57 GMT
img
pix.as.criteo.net/img/ Frame 7F5A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5522772_png%2Fbirthstone-pendant--round-cut--red--rhodium-plated-swarovski-5522772.png&v=3&w=400&s=Kr8Jua8q6NdMGV5IgonsylvM&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
7b2da9d190197859458cadc1b767940660442a3751ef215bfe6d362a06feb51d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31184541
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5918
expires
Fri, 08 Dec 2023 12:50:43 GMT
all
csm.as.criteo.net/ Frame 7F5A 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=r5ZBsmfqe4STNYbESdvyeXoHV8FcS0Mv9qCM5YNCHOMtRsx2EOOVB5nBCookhzD1CZCEXZat_scwmi0jmbiswHsFnDJV_FrQJJvqC8kvfxqwak5Oc9nU_9bBTPTqzTxgTJpChQ0_i9cQ3TY6rYh0jolJqgiJji4ld1DPi70QOzA154532pj_WnIz7OpT-F4cFiokwIdn-I16740wLhREahMPIDA_IO_I4iHplB9sJWdXY-jxlQ5r98s3zYAwpdt8sXmQ-A&sds=2&rev=83862.2&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7F5A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:21 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7F5A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:21 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame EB97 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:20 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame EB97 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EB97 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 07 Dec 2023 14:28:20 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame EB97 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 07 Dec 2023 14:28:20 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame EB97 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=bzdOKP75XM3tyKw0QFopdBT6cT26FAcYQugbHRcpXpr1feOqc-ZIWuhbb6Zkc2Y0GWnIMDOoaBgQPBYIAZaJeGYbocFb8ZSWBanBEbn4l3Sp0ESYIjTJ6UVqTUwJaF8kchG8A6phciKO3tjTq3w-Xdp2m8SIrkGsNdKUAWkAGjI72aalmPj63yyROP9WwolPJwI9bNmmv48af0XBp52rovqm8YErec8_2Ocf2ANsvPs69GWzrgEEf_57HPz5EBESOn5OzMQq5gnhwdw2icLUti6SPz3BJ30uek_79K0n5xbi2-iJmZnz5HF57W1wIZ9zhu-mmgbqVAtD3yqZ8n1xwPaPdfyMQCzMUrO-RhnJLBXRjNHgIp0sQKYM7BZK6fUDc0WePpcx7yiscEWaPMhjVps-lbjjC8sXDkBVXn75lTrDYYMw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3068133
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:28:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Dec 2023 16:28:12 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Mon, 12 Dec 2022 14:28:20 GMT
795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
static.criteo.net/design/dt/ Frame EB97 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-cbac"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:20 GMT
1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
static.criteo.net/design/dt/ Frame EB97 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-50d0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:20 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EB97 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
418327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtUAWhMs0v2FVmFAUCYht5Bh47tMIaHrUVOjAgGL7dFivpkvsSd%2Bu6GW3LdAn8ITaUXq%2B9lAnIzclEl0bDFxeYGPZS7rLvBaN%2BQog0PAM8jGSIXsnQT9JEDyqaLDGa1bLKTugw02"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7787255f0ec8a829-SYD
expires
Sat, 02 Dec 2023 14:28:20 GMT
animejs.js
static.criteo.net/animejs/ Frame EB97 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:20 GMT
7395b51838104e93b35090bac8fa5639_cpn_336x280_1.jpg
static.criteo.net/design/dt/85833/221202/ Frame EB97 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85833/221202/7395b51838104e93b35090bac8fa5639_cpn_336x280_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
160a0ae1429f0dc06b33c95765a37fa96bc032e333fb6ad6327da181e730af8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 02 Dec 2022 13:28:23 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6389fd77-607f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
24703
expires
Thu, 07 Dec 2023 14:28:21 GMT
img
pix.as.criteo.net/img/ Frame EB97 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=152&m=0&partner=85833&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F55107%2F210723%2Fe9cd2ec2f5594aef93573b54d93251c1_brandlogo.png&v=3&w=668&s=Plfybc99RBiiwXw0FK6zcWVJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27429557
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23355
expires
Thu, 26 Oct 2023 01:47:39 GMT
img
pix.as.criteo.net/img/ Frame EB97 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5494230_png%2Fswarovski-power-collection-bracelet--beige-swarovski-5494230.png&v=3&w=400&s=v7T9Lsl8pxLeGvenGgdbotm8&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b396002a752cafc6957dca3dc447ccc045d5447ea8c21c9dec482ce39a7bf532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31103918
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30682
expires
Thu, 07 Dec 2023 14:26:59 GMT
img
pix.as.criteo.net/img/ Frame EB97 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5556953_png%2Fthe-little-mermaid--limited-edition-swarovski-5556953.png&v=3&w=400&s=6TbXhE-XLC1G3jFvBYSivPza&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3b2d5da22437f8bf5796d57c4a4dcf018773e5a48c8885671c810149777d7b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28067249
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28184
expires
Thu, 02 Nov 2023 10:55:50 GMT
img
pix.as.criteo.net/img/ Frame EB97 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5522772_png%2Fbirthstone-pendant--round-cut--red--rhodium-plated-swarovski-5522772.png&v=3&w=400&s=Kr8Jua8q6NdMGV5IgonsylvM&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
7b2da9d190197859458cadc1b767940660442a3751ef215bfe6d362a06feb51d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31184541
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5918
expires
Fri, 08 Dec 2023 12:50:43 GMT
img
pix.as.criteo.net/img/ Frame EB97 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5559860_png%2Fglobe-drop-earrings--round-cut--blue--rhodium-plated-swarovski-5559860.png&v=3&w=400&s=gA_x6SuRDfwYWHPRIlnzGd4q&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
eaaefaca19e89e915092c5ae4c6560f4657d323e594b612d133e36143921f53a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27993547
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10738
expires
Wed, 01 Nov 2023 14:27:28 GMT
img
pix.as.criteo.net/img/ Frame EB97 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5607345_png%2Flucent-cocktail-ring--octagon-cut--green-swarovski-5607345.png&v=3&w=400&s=U0vy4pt2mIevOovDSDgc3GWE&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9358740368550deef62e86024d058cf26bc49c63c27bcdb0e3ea5eb80b4e7346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29524183
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9850
expires
Sun, 19 Nov 2023 07:38:05 GMT
img
pix.as.criteo.net/img/ Frame EB97 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5636703_png%2Fconstella-pendant--round-cut--white--gold-tone-plated-swarovski-5636703.png&v=3&w=400&s=BO5rCAD_llk4PKgU1Rgc-AAa&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
dcead546971cf118bd68d7d94f515c340e50e1ec108a36ac0ec8dba71236aa28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29624934
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5664
expires
Mon, 20 Nov 2023 11:37:16 GMT
img
pix.as.criteo.net/img/ Frame EB97 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5621173_png%2Fwatch--octagon-cut-bracelet--white--stainless-steel-swarovski-5621173.png&v=3&w=400&s=eTiKhCPwUnpUirsucFYYD6Az&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
5476599dfec66400431c1735e26f7ac6272248349156ddd6a5d3f7dbe2443e03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28396614
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5780
expires
Mon, 06 Nov 2023 06:25:15 GMT
img
pix.as.criteo.net/img/ Frame EB97 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5636332_png%2Fsunglasses--octagon-shape--pav%25C3%25A9--sk0345-39e--orange-swarovski-5636332.png&v=3&w=400&s=-PONUYI2JZyIuTcfD0fKE2UD&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
18eaab1a1f41857fe66d742f192fe48bd6761747df97d53491c48a61cfe4cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27769351
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8102
expires
Mon, 30 Oct 2023 00:10:53 GMT
img
pix.as.criteo.net/img/ Frame EB97 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5636422_png%2Flilia-necklace--butterfly--white--rose-gold-tone-plated-swarovski-5636422.png&v=3&w=400&s=69_dC-6WUA9Zv34Mhvqe34pY&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
675b80ab9bb9a8e0acd2b3433a16cba29c95d38494916f563770e7375b73b9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27964008
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6636
expires
Wed, 01 Nov 2023 06:15:11 GMT
all
csm.as.criteo.net/ Frame EB97 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=sMXAYGfqe4STNYbEVag-00--1tXGVpScl3ya-Nqc4XUOB660OEcg8e5TC0H6VWiOQDrUo63armvFlyzwD_FeS_Dm82WHRHph0KcWvWpEh078tm-fckwhjUiuJbKueXNANS-yBZR0UuKhoF-bEsoJzmNPXbkygJtJ1vUgEYnfAoFy2TzGFP0IbCbbgiStaofh9JhYGuQexPAfu4INxFbKWHbmRFSX6AM7LA8hE0nOCHoujRsWuc-6lXjfVc0lbs-Wh9e7hQ&sds=2&rev=83862.2&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Dec 2022 14:28:22 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EB97 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:21 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame EB97 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:21 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221212
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05934d7b0fef3ada823d64f6825db606b9f186585e766053ebb43060cbc0d09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37632
x-jsd-version
1.0.1553
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4550-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66f-5yaGYK+Z8yEYy+jhnewVDvDOi/o"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0oHPXD%2Fds5F%2FTfuW3U79AuAfAT54ZI5kZB3Si9gVfPTiQ3VmoR2i7ddZFJZ4B4qS5aH2ldzl1CCocDndgkQYRoqmdv83O6r3FQ2yC8GP7IDVoi9l6sKLWPAz5nKt%2FitN6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7787255e0a0d55bd-SYD
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=15011201036
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a3b8559f9264e5006e9d8e0d80287a4c439dcc84a5e1c61de43cb3d004bd4bb9

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
294
alt-svc
clear
expires
Mon, 12 Dec 2022 14:28:20 GMT
arj
adpushup-d.openx.net/w/1.0/ 		174 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b78217c0-a360-4120-9663-1ad22b67cda7%2C7998fa8c-9522-474e-aec2-3e9d4f9de61a%2C7b80a8ce-a50b-4978-803d-3b9f00b8423e&nocache=1670855300469&pubcid=d220b658-180b-4ad9-8bc8-4d42a9feb6eb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3ea7c115e03fd3406a12df2dea6c5eda586e885d731f6ea09a9b8754a1f881cf

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3e910a05-e27b-4c20-82ee-16d8441a081f&nocache=1670855300470&pubcid=d220b658-180b-4ad9-8bc8-4d42a9feb6eb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:20 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=61e5d5ce-0537-469c-b1cd-609e2a33d77e&nocache=1670855300470&pubcid=d220b658-180b-4ad9-8bc8-4d42a9feb6eb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:20 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3432d92e-ed6b-4d83-9b12-653dc212582e&nocache=1670855300470&pubcid=d220b658-180b-4ad9-8bc8-4d42a9feb6eb&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:20 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:21 GMT
AN-X-Request-Uuid
7d566044-d2bd-43e7-9398-ea79042174a5
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1bc1467412d0d8003c61ee7a03080fdabc5d549981fc94ab48c31786d41200ae

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Dec 2022 14:28:21 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.246.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-246-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
15
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.188.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-188-214.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
69a641f3e5761039151d8b224300b1789dd9077dd2ac347cfa25179ff6285de5

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.188.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-188-214.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4d627cc10e488ac8a04a23a25aeff82bbcafbc1d3867ff1a916831e860f427c3

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.188.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-188-214.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
2df481fc955f524aa224caa4443d7348037f16447f63209b86ed5f43e2d61ca1

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:22 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=d220b658-180b-4ad9-8bc8-4d42a9feb6eb%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=ddc6e76a-ef7d-4453-b727-ba59283f8f87%3Bf7fb6c5a-49f0-472f-9a16-fe31bb88553b%3Bac325d52-94a9-4636-9e3b-9f9c87c94686&l_pb_bid_id=316c96885c2e078%3B32fb7e0efdb977a%3B33a00d6e6fcb46&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.20788686679292545
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e5df4b3cedd222a9c3de185ca9931e11fffcfadca6834a69df05c3120f48cd8a

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Mon, 12 Dec 2022 14:28:20 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
cygnus
htlb.casalemedia.com/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2238a321ee9d08546%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2245acd2a378f08ee%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2248235c19027abda%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2249a05c15b1263d8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d220b658-180b-4ad9-8bc8-4d42a9feb6eb%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20660d97bce81dee2c4c7aff50dbba6c10e57942e7c33a12b03aa75f098c3b08

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Blss7CkksKvYz0sxj8QeSlalXWbosmyj9A5TCJF78VtGvz%2FHq5hD2a%2BnB%2BPtZkzeNH5cdJWDfWZa%2BO3IfMWb0dWFyaZotPXr2keGbTDkeP2AW125c4picka2S2UnQCwR%2FPDo3P8a"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7787255dfc261c58-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2238a321ee9d08546%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2248235c19027abda%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2249a05c15b1263d8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d220b658-180b-4ad9-8bc8-4d42a9feb6eb%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20660d97bce81dee2c4c7aff50dbba6c10e57942e7c33a12b03aa75f098c3b08

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzJM3Ost%2FWrVaIFwHS%2F0yYqy%2Bo5goRERQkjj009b8YR28OM%2BsA2A%2Fn%2Bowz4mckJU0AjMdRYDKpmrc%2BGf67hcTRHHB6V%2FPKOo5IFqQ3wUaVTtP4PdRdQ7ktlyxZI%2Ft9JDfbh%2F1Wyk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7787255dfc271c58-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.131.47 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-131-47.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:21 GMT
accept-ch
sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.141.50 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-141-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 12 Dec 2022 14:28:21 GMT
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adreq
ads.servenobid.com/ 		717 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9279
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
integrator.js
adservice.google.co.nz/adsid/ Frame 6B19 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6B19 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6B19 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1779579407742615&correlator=3382976280309859&eid=31071222&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1670855300797&lmt=1644386353&dlt=1670855295610&idt=5164&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=1vzkmmtkyd2j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1027419656.1670855301&ga_sid=1670855301&ga_hid=707850987&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
1fd04e9e9a5040fb56563e373d46099639ec19bbae27e1c7c519324c441c9eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6B19 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
0ca0f62724afd700aad5dd81d4065f4afafcfa3fdee9fb3784ce3b78adae7779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12534
x-xss-protection
0
container.html
20789ff2abd6e4806ce45b4b74e8b227.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F325 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20789ff2abd6e4806ce45b4b74e8b227.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:21 GMT
expires
Tue, 12 Dec 2023 14:28:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-43.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 13:34:11 GMT
via
1.1 446026fb3dafe55d3602866eda0c744a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
3251
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
0zDUOYGoxos-K-xRoNvWP-wg51pb4JY_1uZj6Ka0CvMKzWuUQfFSFA==
integrator.js
adservice.google.co.nz/adsid/ Frame 21B2 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 21B2 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 21B2 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=365639046826897&correlator=868892671961460&eid=31071151%2C31071257%2C31061167&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1670855301025&lmt=1644386353&dlt=1670855295619&idt=5382&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=ni5r0iumja8s&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1991454771.1670855301&ga_sid=1670855301&ga_hid=1023872091&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
eb3eceb1888cdd2026aee6163619df164d69728a40fd2085033b4b8d55999291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 21B2 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
f3d4b2a80907ad24b9431ccdda34f9898f907513da1033fcbb19efca0a1ab2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12574
x-xss-protection
0
container.html
a1523b9141f52da5d1aef5796faae0a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F559 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a1523b9141f52da5d1aef5796faae0a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:21 GMT
expires
Tue, 12 Dec 2023 14:28:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
all
csm.as.criteo.net/ Frame EB97 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=sMXAYGfqe4STNYbEVag-00--1tXGVpScl3ya-Nqc4XUOB660OEcg8e5TC0H6VWiOQDrUo63armvFlyzwD_FeS_Dm82WHRHph0KcWvWpEh078tm-fckwhjUiuJbKueXNANS-yBZR0UuKhoF-bEsoJzmNPXbkygJtJ1vUgEYnfAoFy2TzGFP0IbCbbgiStaofh9JhYGuQexPAfu4INxFbKWHbmRFSX6AM7LA8hE0nOCHoujRsWuc-6lXjfVc0lbs-Wh9e7hQ&sds=2&rev=83862.2&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Dec 2022 14:28:22 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6B19 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:28:21 GMT
L2EvZnUtd3UteWkteHVuLXlpLXFpbmctcWkteXVhbi13aG8temhhby1kYW8temhvbmctZGEteGlhbi1zdW8tbGlhby5odG1s.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvZnUtd3UteWkteHVuLXlpLXFpbmctcWkteXVhbi13aG8temhhby1kYW8temhvbmctZGEteGlhbi1zdW8tbGlhby5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Mon, 12 Dec 2022 14:28:22 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=891
content-length
555
expires
Mon, 12 Dec 2022 15:28:22 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 21B2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:28:22 GMT
img
pix.as.criteo.net/img/ Frame 7F5A 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=152&m=0&partner=85833&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F55107%2F210723%2Fe9cd2ec2f5594aef93573b54d93251c1_brandlogo.png&v=3&w=668&s=Plfybc99RBiiwXw0FK6zcWVJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27429557
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23355
expires
Thu, 26 Oct 2023 01:47:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4243 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
527972
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 11:48:50 GMT
expires
Wed, 06 Dec 2023 11:48:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4350 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
92428f21714c24954dd3f316cca4362f16a7b7910f63ed5bd79ce597d0611c70
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qlUF0VUUYed5QYFcSbAEaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-qlUF0VUUYed5QYFcSbAEaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:22 GMT
expires
Mon, 12 Dec 2022 14:28:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
img
pix.as.criteo.net/img/ Frame EB97 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=152&m=0&partner=85833&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F55107%2F210723%2Fe9cd2ec2f5594aef93573b54d93251c1_brandlogo.png&v=3&w=668&s=Plfybc99RBiiwXw0FK6zcWVJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27429556
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23355
expires
Thu, 26 Oct 2023 01:47:39 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9mdS13dS15aS14dW4teWktcWluZy1xaS15dWFuLXdoby16aGFvLWRhby16aG9uZy1kYS14aWFuLXN1by1saWFvLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04ODc2NTFiNy0wMzk3LTRjNjYtYmYyZS04MzYyN2M2YmYwMDgiLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImI0YWJiMTZmLWFjMGItNDZhMC1iNjExLTVlMmZlZWVhMDcyOSIsInRpbWVPZkF1Y3Rpb24iOjE2NzA4NTUzMDA0NTUsImJpZHMiOltdLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdfSx7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImI0YWJiMTZmLWFjMGItNDZhMC1iNjExLTVlMmZlZWVhMDcyOSIsInRpbWVPZkF1Y3Rpb24iOjE2NzA4NTUzMDA0NTUsImJpZHMiOltdLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdfSx7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJiNGFiYjE2Zi1hYzBiLTQ2YTAtYjYxMS01ZTJmZWVlYTA3MjkiLCJ0aW1lT2ZBdWN0aW9uIjoxNjcwODU1MzAwNDU1LCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXX1dfQ%3D%3D&c_b=10928.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:22 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4464843506869766&correlator=4319247796013926&eid=44769661&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3Da0f658701c7d2ead-220a0509d5d800fa%3AT%3D1670855299%3ART%3D1670855299%3AS%3DALNI_MZpMOaBdMlMniXDJBO3SYxK6_7qVg&gpic=UID%3D000008d01d62087d%3AT%3D1670855299%3ART%3D1670855299%3AS%3DALNI_MacX9imv188-3eH-8RdEPUHMjeUzA&arp=1&abxe=1&dt=1670855302264&lmt=1670855302&dlt=1670855292795&idt=8546&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1952779668.1670855302&ga_sid=1670855302&ga_hid=7644&ga_fc=false&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
516726fc94923667f20e390b20e086383094f4e9070f9852b2695a49b89a2922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19793
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2898 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:22 GMT
expires
Tue, 12 Dec 2023 14:28:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4D8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
527972
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 11:48:50 GMT
expires
Wed, 06 Dec 2023 11:48:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F889 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
91487fed3c54d93da8312a25d66b1628f518c3bf77d69bccf633345170be06ed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xmyCZkdOAQhJUnM_Jhj_wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-xmyCZkdOAQhJUnM_Jhj_wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:22 GMT
expires
Mon, 12 Dec 2022 14:28:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
img
pix.as.criteo.net/img/ Frame 7F5A 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5556953_png%2Fthe-little-mermaid--limited-edition-swarovski-5556953.png&v=3&w=400&s=6TbXhE-XLC1G3jFvBYSivPza&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH340Kj8sVAA04Mjmxm5RrAi4XHFXDPw&u=%7CJ6yusamUEe6XoBRMFtB2WgfbPMLI9H0u4HL7Efn4ZUA%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxvzi8G-nNz53lUehpxQDniwItzlPlcZNqIpN2Pju8isEK7mxDFYA9cvesFPF7zBkEcs6OfbhInTHeijwdeLm8K9qIPJqliHjhsw2h3TjpRgAhfSLl_PMmGf57GSLDRHikUGwfIDQOWEQWaSW4-UL3alY1Vhb3xVEa3C9YLnChF2OExvGdJzjsZvSrIzqNqbrmL15kzIlH5DVzhD6o-yO3qvr4VcnET3Nii8ajTRf22qohDBHhAOr92cQaCz10mJsbSIHlFKz29LZ9Tr_DW9dNYUWdcE0o5NbdKvzFB-or_ZCuMYTX8RnAVl2cpSabunhb87zALQq5IY4oPGfQWdmMtHKLWbBnpQvd2bm2U9LI8QiJqyI8fZqpHM-fBIAT8GKqaztbOCs-FQqMi9WXGDqs59hidYyTMKQshCOsB_is8PyErMNAC2q1p4WzCqMZoIKUksgP-Qg7m0FxCcheTlhidb9XfE-IkigS02QQlNDKU2AixyhKh13EkQAYRQJfbhpUlttZG3rzre4e-x0o-6oQ8-5ytzkbUMZvQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJENmgjqXY42_H5WWvwSy8LSoBJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSGAk_Q_E0nc0RrEwV-tzw-GF8z5wUg_QHOjkRiDnI0YIlNctFCIzuQRFoei7t2vWeF7cWqFxK4FC4dzqHimYftvXzg5WIs8bhOVQDOjIsaBuK9QyRJnu_6yno5_G7cvfyVsRO7lZgFc1vIyXBbhCZDpouKUggSzmzM3E0Li-P4gWICDl5QktRCRcS6GODE0qGTe0b3-glGCgfxO09SNeyLoLXhH25GD8ICZzrr-4YiF-mbJE43oA-2qraF_xKhV9mht3zaxsMwZxqKobuNzIIddXkkTRF7jsiP03Tr6Dg0iyyS7gL4YuJtCgvrLFYQC7clh4dhVSsH4LTP7ZZmQYBq4BDACqkaBl-ABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wcWfRbfOf0sXFGXgNLCY_KmneyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3b2d5da22437f8bf5796d57c4a4dcf018773e5a48c8885671c810149777d7b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28067248
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28184
expires
Thu, 02 Nov 2023 10:55:50 GMT
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 4243 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 16:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 16:04:23 GMT
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame A4D8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 16:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 16:04:23 GMT
img
pix.as.criteo.net/img/ Frame EB97 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=85833&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5556953_png%2Fthe-little-mermaid--limited-edition-swarovski-5556953.png&v=3&w=400&s=6TbXhE-XLC1G3jFvBYSivPza&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6ggAH1WAKj5lbAA2D6l_SiZxaNs4AN_qf_w&u=%7CJ6yusamUEe6XIs8iHkzqy5a8vZZCGi4mbQTiT%2FQCerk%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ug7PGGroKV2tyTVfGSV8iLPKyJmr8Em6TUfkkN8Bbqxs0iQ8ojLd1jQphOyQTm4L2nFPOPpLJhSSBomxg-TpNpBNMasZ77MtfRlk-xOncsgbc3EdieNaRvOJYI_vlne1GU02ZGl3Nh0TMUPye-1pKeAIApCPTUYpIdgsQo34IqNnTeZfzuFxF0m6PpfQgrInV16lFs0-XOwe5v6QWaif4Ti_qsPtkmi0zSlamBgfe_ifWk9rkbauaSMscrQCunAAVDpPsC5rZ0i3wx_ipnYwg58P5gd5WitD9wMkVF3zTeEy3zNauNGCWRPPFlD_-p4tqTM9be2XlV9kruefxJz8cMb5ga4eg_Nne2m9UWZzbJa9nC6cP72AvM9oVH4LGemQF171-OfFTEUIZMk4uBs5e88Ahr_4j--cIu0Wp3O14sY8OeEStDDxD3m8dp8gbnLR7w5YxMD7pSsFUu_5BcTyr2fqwJRN57nZnP03f-XRi_RyUJnjMkFBAVAesbjg-XEvI30WLqJqI4IGn1kiZgucLLHC97hFcUy8IL8w-cVkL1nujnP8jydN7Xo1GMPyk3UvGzOXMKNauEOU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5MLIgjqXY-CqH9uyvgTqh7aAC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAoYGVW6LzKY-qAMBqgSYAk_Qp46yrGYh6tPrrjIeVPfj4RZgdNGCyFMaPuVWCLTXwvlPyw9h0Vw0Bot6f183d2LQCKCg5GmOgL4KZu7j2dbeInR0qFlUa3TEi8Gmvu79JD4tRrM883Ei7EKGdbgmrZfGZn4WZawMCzZLMKxgWTo9DLPQMx79egFDAkV2EX0-1SOEkJezzEiPCV88lAqJu3dcrLbezUV0hPW-nQhY7DtdiFKqhSuUpWdSxou6mAYaaLDDyu0iI-f6ZD5LIKmfiuKY3879DLLIcBW0mt_J1737occo5L10UilWT6fG1JYRywy2Itx3vej_VpGCLIct7ukrsTPlRi6Jb0tnKBOoSKNC6jrfaHG1u3k3Nqr8MEB41n6YchYUwKeABtSTjZfzv_WYfaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3RTDFRo4_POrVM2SBFYAy9QIOMQA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3b2d5da22437f8bf5796d57c4a4dcf018773e5a48c8885671c810149777d7b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:21 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28067248
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28184
expires
Thu, 02 Nov 2023 10:55:50 GMT
generate_204
tpc.googlesyndication.com/ Frame 4243 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?xTw7hw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ab351037f6fb3fc2bce4775994735479f0982083cf57e77c8ee0557ace7cb06b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78500
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Dec 2022 14:28:23 GMT
pixel;r=1351543906;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb092...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1351543906;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-154517067-1670855300817;pbc=d220b658-180b-4ad9-8bc8-4d42a9feb6eb;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1670855302870;tzo=0;ogl=;ses=eafa7e8c-088d-4db3-8fac-9887aa163705
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4350 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120601&jk=1779579407742615&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F889 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120701&jk=365639046826897&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8227 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:22 GMT
expires
Tue, 12 Dec 2023 14:28:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9523 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:22 GMT
expires
Tue, 12 Dec 2023 14:28:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2242 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:22 GMT
expires
Tue, 12 Dec 2023 14:28:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame A4D8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nLaF1g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 48F3 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
427917023533672070815d6d87beab06005f42bfed7cb112ed69d9355436cdbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12357
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2BB0 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
2d49496149f30d049fcc35692756f87b88523268998d633826088960811a5212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12419
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 48F3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:28:23 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Dec 2022 14:28:23 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8227 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjfF3hjqXY9ucGsrorQHHq53QAY6h_-9tnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQngAgCoAwGqBKUCT9BrADEMUuE3Zrt4Ko_SlLwR-1gN5SlAznXVD68wTs_N4XlVuDO9Cnfni27lJ9x8gth37-3VX-sxR5xGYznkdXfq7Fv4GCDj6AXBcombwi56TFf_ua0ncpR1XbMtcoh_Fkedbk0QdDWwVgX6_Cgw2YseEP4BllZJlA7r3GHUxR0IkMuaYBVqOFS3XIYYy_2mfMFlyMH1HMr1PF2h20z6HOticbDZ0CmEVo5eBzuiX2FDcZBQL6YpyCaPrsYKvJltRu0gGG-zVvH_qUCo6pqlYg60swhEiTKRbY43mTCe74FdzYIyzWz18mdJDvfiXY8nPFnwUP9l8lMB1Ibu45lnNDHhMOb_0T1Hc6xxjxHmU2YjHJbAMUmwdkOgY_ap3bv0HB3gnufgBAGABofS48zJpOj8VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=nKVu-Zw4BtM&uach_m=[UACH]&cid=CAQSPADq26N9kPgw15UATDQ6-9WUZQurqRDknO-In-87eRSRje3maJpnJuBDnihPy1E1j0kHZlD790XVJnZJfhgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
b1-sindc1.zemanta.com/bidder/win/googleadx_display/3b4d6ad4-7a29-11ed-94da-bc95caabb0a1/Y5c6hgAGjlsKK3RKAAdVx8WjGryzQxePdS067Q/QGV7HF6L2DKFCUXGJZ2RRDG33JEOJIPROXNU2YYJC52XVIEO6PJDLH6DQFUGNXBR6HF57R... Frame 8227 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/3b4d6ad4-7a29-11ed-94da-bc95caabb0a1/Y5c6hgAGjlsKK3RKAAdVx8WjGryzQxePdS067Q/QGV7HF6L2DKFCUXGJZ2RRDG33JEOJIPROXNU2YYJC52XVIEO6PJDLH6DQFUGNXBR6HF57RSZBSET2DF5JF6KUEN5CTYYU5ROG4HHOER63VF6PSIMVQ4FKGTCYM772XWLVPIPOCXEY3BN4M4FE3AZALKKJCYNJ7FHWDVOBWIJA57F5JSEFHUTPXK5IPPPBIRVCBUHJ5XY3UJ3YIT5NXF227Q2K572FJUSA5Q7KFKKOOI7JBCS4JH6BP6HOMJNXHYH4AQWBSMLCYPHYUVT3UXBKZADG6W6W7MCVQRVDGZZ7KBGB365TBMBTP5CHGI4KRURVMMQFNHGAP2XYKU424TWT7SWAPGJREDC2GWJ56WWHPEMTAQJ7YW43KBT5UHO2QUN4PYIIP46K2TBB6P7MIRKFI2QYUMVRP2B23SXVLDXDKQC3B5IXO4QT2EB5UBSFADV36PINPP3GQJMVYFPLCAL2YL7OLMQ7RE333EPMVRFKIB2EQSHUUHQ/?
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 12 Dec 2022 14:28:24 GMT
Content-Length
0
/
asia.adform.net/adfscript/ Frame 8227 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/adfscript/?bn=56367621;click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCchWihjqXY9ucGsrorQHHq53QAY6h_-9tnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQngAgCoAwGqBKgCT9BrADEMUuE3Zrt4Ko_SlLwR-1gN5SlAznXVD68wTs_N4XlVuDO9Cnfni27lJ9x8gth37-3VX-sxR5xGYznkdXfq7Fv4GCDj6AXBcombwi56TFf_ua0ncpR1XbMtcoh_Fkedbk0QdDWwVgX6_Cgw2YseEP4BllZJlA7r3GHUxR0IkMuaYBVqOFS3XIYYy_2mfMFlyMH1HMr1PF2h20z6HOticbDZ0CmEVo5eBzuiX2FDcZBQL6YpyCaPrsYKvJltRu0gGG-zVvH_qUCo6pqlYg60swhEiTKRbY43mTCe74FdzYIyzWz18mdJDvfiXY8nPFnwUP9l8lMB1Ibu45lndjPAolsxClu4qKDDDXtn-V0DFhLJH1Fl0tnK4lYW9Jfso_Yj-BiBUsjgBAGABofS48zJpOj8VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0cfSO5boi05YZGqIgujH1rbvMUEw%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F27660748%252F92404980%252FAGKG7OXTSH5KT4AWFG7IIEA6LWEB5BAJXESCUJ5ER23NP5DE77AWUECK6E5Z2UC6XJBJBOVECXVVRBVRIKF6MIJ7XW2KOATYW45AZMUEKMQX2ZR5R7VPD3RLS22AFVHZJA5XHQMJQKRRRDTDT3NUPHMHBYQVMLB7WSNCYWTAO6GB34MEUQAEVHVAC3HQANYS4TGEAJ7S36PQFLB4M4LQLIZ2D4XZ2MOHN2HNATVMSIGKXUWOBZ4LQFDOKBSZTDHFX2ROBZMR67F3EE7OYQYSXXTWUZB7ACJJLTLKW7HN3YCLI4F6MGJLJQ5SRGWUJSCL3R7IOFXL6DHCOSHUZDHJ4GYH5LO4662L37WQES7327DD7L5ATL4RRWPPRFQRC2LMDNYP36TNMKHISJFQAD64EGAI3BFMQLARBDNRBZFZQUG3RXRTR4IJIRUZXNQKOP7KN5QRQAPYNC26J3SVG3OA37OJDFFQOKCV24AOTJORBBXSDI5LTRCUXBJZ5PZRY3BYDNCV5Z2A3DH6QHUHATVVQ4R2JKXFUOZB6YD3MS3AQ5A6ZP5GHTGMDIN7J3W7M3OR%252F%253Frurl%253D
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
421e1e950e8d7b4229c381f25e04791f9c6d2d76a291db0627004b381a37f3c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2166
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 8227 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 18:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
71062
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 18:44:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 8227 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
32376
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 05:28:47 GMT
l
www.google.com/ads/measurement/ Frame 8227 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIGQslZ5G4XO6EyTw2ndXJDGx79cBTlRW1rnFvuy8iflS-etITxcS-wmTtTj_3HsIMFlNNlDlRfSjppOrYLsRb-Ybiiw
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8227 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 11:48:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
527969
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Dec 2023 11:48:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8227 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:28:25 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9523 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CaZwzhjqXY9ycGsrorQHHq53QAY6h_-9tnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQngAgCoAwGqBKQCT9DHoc05A8yqatn2ODEwi8cb_K9uSuctOmTUDD02tbc8JKC9t8k9L6Eav76xLdLjNS6NiYaPACWmJQYWBlvDZhFqo2pz84aDQo9dFH_u6tcWY1wzLpwcP25IHUkypz6dPdjJ1U8rXJ2ULP3bH9poQjo-hCF3I2hFH_H9Vm0TS0INJ7yONNkwuVf6Cmz48wdhTXSc3vfhZGZp1V8yHbYRBQ4DIaErANuNHTkQEg-xEeLQ8wFGc_XcemJhlcPF0KVDHpD2jUXSS_qC0GiX0ntBRPynbR_vDXqGHOE6ft7zyQB76YSVv0T_2DDcWSucBt7fiWIyCdWDQ1ea-HrgsMP024XgKFy0uvPJ6dtKsFlj6-VzCPSUmAYx0n1pU7N7xsgS3CgVyuAEAYAGqMWKobjmg5AVoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=_5Y4xZ_6PlY&uach_m=[UACH]&cid=CAQSPADq26N9kPgw15UATDQ6-9WUZQurqRDknO-In-87eRSRje3maJpnJuBDnihPy1E1j0kHZlD790XVJnZJfhgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
b1-sindc1.zemanta.com/bidder/win/googleadx_display/3b4c60d8-7a29-11ed-a18d-0c5282b7b68c/Y5c6hgAGjlwKK3RKAAdVx_r0n1sq1bIpPrPkjA/QGV7HF6L2DKFCUXGJZ2RRDG33JAPJTK7MW5ICOYJC52XVIEO6PJEQRI3SANOAIEY3YSARZ... Frame 9523 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/3b4c60d8-7a29-11ed-a18d-0c5282b7b68c/Y5c6hgAGjlwKK3RKAAdVx_r0n1sq1bIpPrPkjA/QGV7HF6L2DKFCUXGJZ2RRDG33JAPJTK7MW5ICOYJC52XVIEO6PJEQRI3SANOAIEY3YSARZCRXL4A3WJX75AX73JL5CQHS354N5ODR5OADE3LDN2HRQT2BYUWNR77E6H6S6IEUU7CKLN6J6ID7LSQIKDWM2YNJ7FHWDVOBWJLUUQOYXTOYTKNPBOJKQ6EQGFDCBUHJ5XY3UJ3YIT5NXF227Q2K572FJUSA5Q7KFKKOOI7JBCS4JH6BP6HOMJNXHYH4AQWBSMLCYPHY472GYYAAAE7WOW6W7MCVQRVDGZZ7KBGB365TBMBTP5CHGI4KRURVMMQFNHGAP2XYKU424TWT7SWAMC5G2Z5LRG3YUVCHRHLL7RVLYRUDPWIFUS37XTY4PYIIP46K2TBB6P7MIRKFI2QYUMVRP2B23SXVLDXDKQC3B5IXO4QT2EB5UBSFADV36PINPP3GQJMVYFPLCAL2YL7OLIQP3VQE5DDBTRXJ275NKLJBNDA/?
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 12 Dec 2022 14:28:24 GMT
Content-Length
0
widget-728x90.js
widgets.zemanta.com/1661433531/ Frame 9523 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.zemanta.com/1661433531/widget-728x90.js
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e45932891062de514a6738f4c3be3b2d9ac0c79efe98ceba9674c773b1573f37

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
E2bF2wcVXprPu97La_YduNv.uWYz03Sx
content-encoding
gzip
via
1.1 varnish
date
Mon, 12 Dec 2022 14:28:23 GMT
x-amz-request-id
1VZSB0ZCDQDBNJZ0
age
3155
x-cache
HIT
content-length
4508
x-amz-id-2
WsT4V7oDpiNUPBJtu18HA8449uOaEHd5CQPAErl1a3WWXMIxq2WTzUdlAK2QWXKgGqYJ4dXXzL0=
x-served-by
cache-mel11271-MEL
last-modified
Thu, 25 Aug 2022 13:20:34 GMT
server
AmazonS3
x-timer
S1670855304.960324,VS0,VE0
etag
"525626d20445cd4f5ff19a5da039fe83"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-cache-hits
24
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 9523 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 18:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
71062
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 18:44:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 9523 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
32376
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 05:28:47 GMT
l
www.google.com/ads/measurement/ Frame 9523 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBMJkQYmp5v18qcPU1NanzqnmpjwYnZWwX2ThKgyw2RULWafkh8RDyVDdvOkG0nzWwK0qguBt4g4JQu7jpAi8YG_M27w
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9523 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 11:48:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
527969
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Dec 2023 11:48:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9523 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:28:25 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2242 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cc4dkhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSlAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ4lTsmmzboshxG1hk7qOMBA-4okhcHdXVtx4JFvW3XcKgZDdbZZh4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=wIowLfjHbIs&uach_m=[UACH]&cid=CAQSPADq26N9kPgw15UATDQ6-9WUZQurqRDknO-In-87eRSRje3maJpnJuBDnihPy1E1j0kHZlD790XVJnZJfhgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 2242 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kOvgFPn1BnjYBGL4LRICAAAA-ONZtFtuTcMQhjqXY8_PBZx99XmkYCbOABIAAA&wp=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
153998
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 8230 		163 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2a125400bb746edadd9b32ee20a91e018b87d7586879f9c386858d26cb6d3e1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=bpllXmfqe4STNYbEIMZszXubunhbIJZQCJREiqaPMGqjOgOMzbGOBdwXkiMXkUpKit14MQTXHUGIJoItDV_dvtI3TavaYF-g3HSSfqz-reTCdkAh8CKq0C5iP5Zz2KFa5mRB71FwPHBVywj2bEP4wuo-y8VY-TAFbR9SMfFVNV1VCVNL8jHJdaJ5TZB6qe4n_V_zwOcQMXrL5_n8ru40ZjLtbuQiFje6OCtOiV_QFQAuJvg2gM3xmQVtxHjyMZzAcXDae6BwuTnORIDo"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
53845760
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 2242 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 18:44:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
71061
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 18:44:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 84AC 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
85735
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 14:39:28 GMT
etag
48472445140208031
expires
Mon, 12 Dec 2022 14:39:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 2242 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 05:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
32376
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 05:28:47 GMT
l
www.google.com/ads/measurement/ Frame 2242 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3FOqioQO76ap-znzyOykPtLUoiN-H394WM2L6kVgf6Qq_WDYMA8mZL0D57yAQ3fImWCFVco4kMNzxxJF_icDpBHi9wg
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2242 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 11:48:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
527969
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Dec 2023 11:48:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2242 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:28:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2BB0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_fy2021.js?bust=31071251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:28:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 393C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
527973
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 11:48:50 GMT
expires
Wed, 06 Dec 2023 11:48:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B9F2 		783 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
eebdbde64fba2fb474ca576d5fd08cbe0ba748975abb4e6efc2ec6b173682a55
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S3eJRvrsQoDIQX6ICpQ1Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-S3eJRvrsQoDIQX6ICpQ1Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:24 GMT
expires
Mon, 12 Dec 2022 14:28:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Dec 2022 14:28:23 GMT
pixel
cm.g.doubleclick.net/ Frame 84AC
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEH4noBmwaOxX-gFUEZODSHQ&google_cver=1&google_push=ASkJ3FYshq29UIf46muCsZFQu0kIKMeqECL-BoxH2zzLKQO37QpnW52oxN2I69CwY9z2j0ahM83ZzrxNSke1mQQYW4qynX33hQ3A-GZU8...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SmpWMU0ybC1BQy10aHdtR2lEcVhZdw%3D%3D&google_push=ASkJ3FYshq29UIf46muCsZFQu0kIKMeqECL-BoxH2zzLKQO37QpnW52oxN2I69CwY9z2j0ahM83ZzrxNSke1m...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SmpWMU0ybC1BQy10aHdtR2lEcVhZdw%3D%3D&google_push=ASkJ3FYshq29UIf46muCsZFQu0kIKMeqECL-BoxH2zzLKQO37QpnW52oxN2I69CwY9z2j0ahM83ZzrxNSke1mQQYW4qynX33hQ3A-GZU85kRNCxIPmb6LMtL_Bxxw9seLK0sxVqmnXgErA
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SmpWMU0ybC1BQy10aHdtR2lEcVhZdw%3D%3D&google_push=ASkJ3FYshq29UIf46muCsZFQu0kIKMeqECL-BoxH2zzLKQO37QpnW52oxN2I69CwY9z2j0ahM83ZzrxNSke1mQQYW4qynX33hQ3A-GZU85kRNCxIPmb6LMtL_Bxxw9seLK0sxVqmnXgErA
date
Mon, 12 Dec 2022 14:28:24 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
285
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 84AC
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJMGzV3svcsm2xhJaT14160&c_param1=ASkJ3FbvlCqC-eN2g-8imZpmXnTeEB1XksScHownLER--4kLSGj2IMLYk_lw3GvuIHesdflPvpZHpt_QGs12FPT7EOD5pzj9mPR2re5RVioVIsbUxoD...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FbvlCqC-eN2g-8imZpmXnTeEB1XksScHownLER--4kLSGj2IMLYk_lw3GvuIHesdflPvpZHpt_QGs12FPT7EOD5pzj9mPR2re5RVioVIsbUxoDx62yAqDhJgt6h0PYcP...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FbvlCqC-eN2g-8imZpmXnTeEB1XksScHownLER--4kLSGj2IMLYk_lw3GvuIHesdflPvpZHpt_QGs12FPT7EOD5pzj9mPR2re5RVioVIsbUxoDx62yAqDhJgt6h0PYcPft7zdmRLaE
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FbvlCqC-eN2g-8imZpmXnTeEB1XksScHownLER--4kLSGj2IMLYk_lw3GvuIHesdflPvpZHpt_QGs12FPT7EOD5pzj9mPR2re5RVioVIsbUxoDx62yAqDhJgt6h0PYcPft7zdmRLaE
date
Mon, 12 Dec 2022 14:28:24 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame 84AC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC_LjlQ9fU37Q0RwVM3swM0&google_cver=1&google_push=ASkJ3Fb9DmCn7hWo2MsQNogbL6ki0cW0OVID5uHCosM84WNxdH_07QPQlc4gyErcnFItgrdiuBu01yfL...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC_LjlQ9fU37Q0RwVM3swM0&google_cver=1&google_push=ASkJ3Fb9DmCn7hWo2MsQNogbL6ki0cW0OVID5uHCosM84WNxdH_07QPQlc4gyErcnFItgrdiuBu...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ1MDI3MzkzNDc4OTQ5MDU3OQ&google_push=ASkJ3Fb9DmCn7hWo2MsQNogbL6ki0cW0OVID5uHCosM84WNxdH_07QPQlc4gyErcnFItgrdiuBu01y...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ1MDI3MzkzNDc4OTQ5MDU3OQ&google_push=ASkJ3Fb9DmCn7hWo2MsQNogbL6ki0cW0OVID5uHCosM84WNxdH_07QPQlc4gyErcnFItgrdiuBu01yfLwSk8N-n6tlbnm_9nExOYusu8w00e473bRE9vX6rp7rN22j_c2eC6BILUiU-gWUw
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ1MDI3MzkzNDc4OTQ5MDU3OQ&google_push=ASkJ3Fb9DmCn7hWo2MsQNogbL6ki0cW0OVID5uHCosM84WNxdH_07QPQlc4gyErcnFItgrdiuBu01yfLwSk8N-n6tlbnm_9nExOYusu8w00e473bRE9vX6rp7rN22j_c2eC6BILUiU-gWUw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 84AC
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZvxgjxxZQ5CLhvnAJqK9Ww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZvxgjxxZQ5CLhvnAJqK9Ww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYf_R-hhp4s-vcPvYD8gYp0u0Ff6cpR_IG3Y8CVZN_ZmHNy4hrLA9KT8-CfkK_C8HPI3mVXQzcAfCOzFb3ejuCbx8QEVWT_AooQ1dC8UWcm9QWw50nOy_euGl7D8eI2EeEDmIVmTDc
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZvxgjxxZQ5CLhvnAJqK9Ww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYf_R-hhp4s-vcPvYD8gYp0u0Ff6cpR_IG3Y8CVZN_ZmHNy4hrLA9KT8-CfkK_C8HPI3mVXQzcAfCOzFb3ejuCbx8QEVWT_AooQ1dC8UWcm9QWw50nOy_euGl7D8eI2EeEDmIVmTDc
date
Mon, 12 Dec 2022 14:28:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 84AC
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEH4WKdNwbzmvlXM95P3ILjw&google_cver=1&google_push=ASkJ3FYV0HJLMW-2l1fcIl-sRzlOwNZrfKCND67x2ng3AKsaWEFK8I3UotYxQD39NMYgtzNqbzlE4JVtaH47QYY-l...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FYV0HJLMW-2l1fcIl-sRzlOwNZrfKCND67x2ng3AKsaWEFK8I3UotYxQD39NMYgtzNqbzlE4JVtaH47QYY-lBnqpTymBBPaDDN4UBC4W_QYzlNgQ2wipEPvESPbMvk...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FYV0HJLMW-2l1fcIl-sRzlOwNZrfKCND67x2ng3AKsaWEFK8I3UotYxQD39NMYgtzNqbzlE4JVtaH47QYY-lBnqpTymBBPaDDN4UBC4W_QYzlNgQ2wipEPvESPbMvkTaZTn_Y79HtM&google_hm=AT8itQpT6kPwi2BKIeSHtdI
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3FYV0HJLMW-2l1fcIl-sRzlOwNZrfKCND67x2ng3AKsaWEFK8I3UotYxQD39NMYgtzNqbzlE4JVtaH47QYY-lBnqpTymBBPaDDN4UBC4W_QYzlNgQ2wipEPvESPbMvkTaZTn_Y79HtM&google_hm=AT8itQpT6kPwi2BKIeSHtdI
Date
Mon, 12 Dec 2022 14:28:24 GMT
Server
Apache
Connection
keep-alive
Content-Length
274
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 84AC
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEOjcl9knsQX5Mbv8jG9nry4&google_cver=1&google_push=ASkJ3FZb6X40q-8dJgPg5kZ2pJyOyBCJU76tEvSTnJVB-ZzduY6qECerkH2-dkruvZsr4t-Zb_MyK...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZb6X40q-8dJgPg5kZ2pJyOyBCJU76tEvSTnJVB-ZzduY6qECerkH2-dkruvZsr4t-Zb_MyK_4w4ij_gTMY2jrlb6mpS9qJPSQ2rMG-qHFe1l4hAPAnQG...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZb6X40q-8dJgPg5kZ2pJyOyBCJU76tEvSTnJVB-ZzduY6qECerkH2-dkruvZsr4t-Zb_MyK_4w4ij_gTMY2jrlb6mpS9qJPSQ2rMG-qHFe1l4hAPAnQG_7MXS4V8q9zL0QpAIoO8k&google_hm=WTVjNmlNQ281czhBQURWdFJYUUFBQUFB
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Mon, 12 Dec 2022 14:28:24 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEOjcl9knsQX5Mbv8jG9nry4&google_cver=1&google_push=ASkJ3FZb6X40q-8dJgPg5kZ2pJyOyBCJU76tEvSTnJVB-ZzduY6qECerkH2-dkruvZsr4t-Zb_MyK_4w4ij_gTMY2jrlb6mpS9qJPSQ2rMG-qHFe1l4hAPAnQG_7MXS4V8q9zL0QpAIoO8k","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.215","key":"Y5c6iMCo5s8AADVtRXQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40287"}
X-SO-Key
Y5c6iMCo5s8AADVtRXQAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40287
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FZb6X40q-8dJgPg5kZ2pJyOyBCJU76tEvSTnJVB-ZzduY6qECerkH2-dkruvZsr4t-Zb_MyK_4w4ij_gTMY2jrlb6mpS9qJPSQ2rMG-qHFe1l4hAPAnQG_7MXS4V8q9zL0QpAIoO8k&google_hm=WTVjNmlNQ281czhBQURWdFJYUUFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40287.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40011.dc2p.scaleout.jp
X-SO-IP
116.90.74.215
pixel
cm.g.doubleclick.net/ Frame 84AC
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEEh-58t6ctEPwDVR-s5qrr8&google_cver=1&google_push=ASkJ3FYDqGpI78rPLnZ7It3-puCFobf7GK43GpMYE1BjGFH65WuNeUnub...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3FYDqGpI78rPLnZ7It3-puCFobf7GK43GpMYE1BjGFH65WuNeUnubSOWpabt6lLtQ7NagHaUtft9cNdM_YQWdxJQOcBem0Zmn177fSkqG3KYNoc0vgX03TQSE0Whl...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3FYDqGpI78rPLnZ7It3-puCFobf7GK43GpMYE1BjGFH65WuNeUnubSOWpabt6lLtQ7NagHaUtft9cNdM_YQWdxJQOcBem0Zmn177fSkqG3KYNoc0vgX03TQSE0WhlZMhPVtWrJBTP6lP&google_hm=QlMuMGJiOS02NmY1LTRmZDMtYmEwYg==
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3FYDqGpI78rPLnZ7It3-puCFobf7GK43GpMYE1BjGFH65WuNeUnubSOWpabt6lLtQ7NagHaUtft9cNdM_YQWdxJQOcBem0Zmn177fSkqG3KYNoc0vgX03TQSE0WhlZMhPVtWrJBTP6lP&google_hm=QlMuMGJiOS02NmY1LTRmZDMtYmEwYg==
Date
Mon, 12 Dec 2022 14:28:24 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 84AC 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kx3XTGhMu3XKh0ZoxvBwNEso-MYjf9J5eYjenB71y0l-Q9ZeZoY7WFNc7sWcScSJUyGnp5Dw
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8230 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:24 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 8230 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:24 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8230 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 07 Dec 2023 14:28:24 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8230 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 07 Dec 2023 14:28:24 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 8230 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=4lj_ioZCUyBvh5v7I2bIg29BdjqRa3LbfLcFEs2Lb9zTP19UKD4VFTnStr3yrSWD_o-TaTTTeRuwEZq4flafQVEHcCcFzBEu423-OMEOGkwCvjgxiB4oiWRRsgxjrm_D3pQ2zIQybQ1_8WCpjtAwHWpkxhNqT4Ol-KKkTHua7by5KSrou2fhTAvE1PXv0YRDow_xgw_RDCAcI-fmBQ7RI5gEEuC2zPMeE9m1c71FNsq8WQ9AKP7XPFAPetWfdT99ciMh9ig4TJidvCr-RFOkba4ZItA9-2eTosxgWgXfEIfq5ym1nqAHkZkGFJKj551cZhsSsc-QthAeQ9CB2cOO8m19rR5K4egJE6HHeX-YVcKPdN5cR1c8tQxVIwRjc71tMVJ5LecYjPqy-dYKaPDXhwuPcUqJe6AvkdeOWWtwE92ZvBq4
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1827054
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 8230 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:24 GMT
img
pix.as.criteo.net/img/ Frame 8230 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=99914&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F99914%2F221018%2F6ce37c12b49c4d5ba723ff6b2bda79f9_output-onlinepngtools_%289%29.png&v=3&w=236&s=3ha3RCqdhySPBCE_0chXeOWY
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c3d5433298df9a32c8a53ddba38c14ad17bfbfa86f28d4619fe8f092bf4f62d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28999644
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5124
expires
Mon, 13 Nov 2023 05:55:48 GMT
img
pix.as.criteo.net/img/ Frame 8230 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2F0P5A1753_b8f0532e-3f68-4e14-a5ee-a710cd0b193e.jpg%3Fv%3D1656560543&v=3&w=400&s=Pk1XOSzYVvggLu2DHpo0_nEy&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
57d4523b3246a3610a87f14af4cae347c5eb0d76b1bac944766bb9ffc3ac5b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29604696
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14034
expires
Mon, 20 Nov 2023 06:00:01 GMT
img
pix.as.criteo.net/img/ Frame 8230 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2F083A4736_1.jpg%3Fv%3D1650927495&v=3&w=400&s=dDm6ARM-KejnMu2eAyEqBql1&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
116d4ec945711ee5b7444c0bc4f78e93af4b4519adfff64b73d6cc7acf1f6ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29446828
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9808
expires
Sat, 18 Nov 2023 10:08:52 GMT
img
pix.as.criteo.net/img/ Frame 8230 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FJamieKay_LilouCollection_JesseCardigan_HeronMarle.jpg%3Fv%3D1666835982&v=3&w=400&s=pF9E_De8oxdL2nTV5cR4xFK6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ff9144c3da5d52934c82d7a49997bf685724e98998365d1487de537d0291847b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28247534
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9384
expires
Sat, 04 Nov 2023 13:00:38 GMT
img
pix.as.criteo.net/img/ Frame 8230 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2F083A0317.jpg%3Fv%3D1659242774&v=3&w=400&s=aG-Dp9c7UG1DEWCMAFe4_qbh&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f654e5e0f1e92a21012fb0f8b1ab6f25cfdbc680ace76a0631a0d96e50101466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29448272
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13320
expires
Sat, 18 Nov 2023 10:32:56 GMT
img
pix.as.criteo.net/img/ Frame 8230 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FJamieKayTableware-ApplePlateHoney-removebg-preview.png%3Fv%3D1659251759&v=3&w=400&s=shYXIpWaufn2znYVh2jkbXdC&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
6239bb438194e1e2276e6c70c7297c23cc185667ceff238681c01c325e77604e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29587816
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7528
expires
Mon, 20 Nov 2023 01:18:41 GMT
img
pix.as.criteo.net/img/ Frame 8230 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FScarlettShorts_Rosette_4.jpg%3Fv%3D1665620789&v=3&w=400&s=u88D3ojBIOAsVr-O_xSnO-68&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0f551648a712ba99175ed761c9b3d4700c290e18febcb48c8351b9a5b6cc9759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29759152
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14010
expires
Wed, 22 Nov 2023 00:54:17 GMT
img
pix.as.criteo.net/img/ Frame 8230 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2F0P5A8663.jpg%3Fv%3D1656560728&v=3&w=400&s=VtYxT06BYzfdIMJEqvx_3wsg&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
8fb5d8c26e3a69372525ec22d115985c1a7e43af590fe126680c0f4bc664258d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29459008
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13690
expires
Sat, 18 Nov 2023 13:31:52 GMT
img
pix.as.criteo.net/img/ Frame 8230 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2F0P5A9143.jpg%3Fv%3D1650789592&v=3&w=400&s=4vEcJevQdyXAByJJxh0PxD5U&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
dbb0454eb7b13da25392eb02e3a9f00a472ffc936d5a1cf13005d745bb8fdd2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29458687
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15206
expires
Sat, 18 Nov 2023 13:26:32 GMT
img
pix.as.criteo.net/img/ Frame 8230 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FPointelleLongSleeveTop_Cupcake_3.jpg%3Fv%3D1665620684&v=3&w=400&s=6cNnAJhtc4XAOUdEn_27-5wH&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
d178c910d1c0edc8c52b6fb0cfebaf5f917cecb0d527168420382827724f5f53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29687118
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12366
expires
Tue, 21 Nov 2023 04:53:42 GMT
all
csm.as.criteo.net/ Frame 8230 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=bpllXmfqe4STNYbEIMZszXubunhbIJZQCJREiqaPMGqjOgOMzbGOBdwXkiMXkUpKit14MQTXHUGIJoItDV_dvtI3TavaYF-g3HSSfqz-reTCdkAh8CKq0C5iP5Zz2KFa5mRB71FwPHBVywj2bEP4wuo-y8VY-TAFbR9SMfFVNV1VCVNL8jHJdaJ5TZB6qe4n_V_zwOcQMXrL5_n8ru40ZjLtbuQiFje6OCtOiV_QFQAuJvg2gM3xmQVtxHjyMZzAcXDae6BwuTnORIDo&sds=2&rev=83862.2&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Dec 2022 14:28:24 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8230 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:24 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8230 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 07 Dec 2023 14:28:24 GMT
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 393C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 16:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 16:04:23 GMT
/
b1t-sindc1.zemanta.com/t/imp/impression/EETHLYOUSMNYBEYIS6ZUTVOYMVBHCC5PUK2YG252JI6JMTQM4544YUB6YB5C4CDT4EAPYD5J2ASRBZZEIQ6VIRDY3A74LSKBSFXLK77TKKR6EOV5HUAD6EXD7EXQTHALSOIAMCCK74K52BAIX56NNXVTSZ6HO... Frame 9523 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-sindc1.zemanta.com/t/imp/impression/EETHLYOUSMNYBEYIS6ZUTVOYMVBHCC5PUK2YG252JI6JMTQM4544YUB6YB5C4CDT4EAPYD5J2ASRBZZEIQ6VIRDY3A74LSKBSFXLK77TKKR6EOV5HUAD6EXD7EXQTHALSOIAMCCK74K52BAIX56NNXVTSZ6HOVWAHYFITV5IYRYZNYWA6V4DNRLAI4Z3HWWT6SMTFZOVYEDSWAGMD2PQ23SNO3WUSKRGU25DP5FN6QVFTBBR467FIJMLLBI2OY3XAY7MIWX2NG5OEBNMW3XR5OGVWPPW47CYIYJPXWOI5HCXNRVPB7AMGL7BLQC6ZH5EFY3OPXWGSFQNJZKTKM4NH6P7BN3BI6GIXCCMCSWKO7EPUHYQD3VQ/?
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:24 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 9523 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.241.105 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-105.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Wed, 11 Jan 2023 14:28:24 GMT
2931e1e66b5a706025afc317c5f2eea8cb.jpg
zem.outbrainimg.com/p/srv/sha/cd/a4/1f/ Frame 9523 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/cd/a4/1f/2931e1e66b5a706025afc317c5f2eea8cb.jpg?w=159&h=88&fit=crop&crop=faces,center&fm=jpg
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.46.132 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
b6a02d06201a3c597a748a914098890a059972a28df25aece2810c7ddba779e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
3541468
x-cache
HIT, MISS, HIT
x-imgix-id
20c1960c7122fc0ed975d9b7a638ca9e907755e3
cross-origin-resource-policy
cross-origin
content-length
7984
x-served-by
cache-sjc10036-SJC, cache-qpg1259-QPG, cache-qpg1268-QPG
x-imgix-render-farm
01.592
last-modified
Tue, 01 Nov 2022 14:43:55 GMT
server
imgix
x-timer
S1670855305.637329,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CD1F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
85736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 14:39:28 GMT
etag
48472445140208031
expires
Mon, 12 Dec 2022 14:39:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2242 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d76898d3055b34b5c8e52713373c018d917da72f1a858d8d2aae482bd8ce84a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9523 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b06037439c7a4801d4cf93324ec1bcb26534f485b145d2a8ca334d61c7fff00d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1EB5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
527974
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 11:48:50 GMT
expires
Wed, 06 Dec 2023 11:48:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2B82 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
180899d51c0ca22cbeb1a9c18501a5e3c34043b9b0a07a9b19ec683e5ab0aeff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zjKTI42_LIw0upbw3KEnwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-zjKTI42_LIw0upbw3KEnwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:24 GMT
expires
Mon, 12 Dec 2022 14:28:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oebu0&_p=7644&cid=1952779668.1670855302&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670855304&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&dt=%E8%B5%B4%E6%AD%A6%E6%BC%A2%E5%B0%8B%E7%96%AB%E6%83%85%E8%B5%B7%E6%BA%90%20WHO%EF%BC%9A%E6%89%BE%E5%88%B0%E9%87%8D%E5%A4%A7%E7%B7%9A%E7%B4%A2%E4%BA%86%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B9F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=1346008572914845&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame D356 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttZGJIvp4f5PiuWdY7LopZ_bWrBBtnNP9SJyrsVCtViXritzNl399upe3s25GYkvgeLl4IOWAYzuzEI52F_4stJz3u&sig=Cg0ArKJSzBkQu5qLJhC0EAE&id=lidar2&mcvt=1017&p=0,0,280,336&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670855297879&rpt=5406&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame CD1F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKGIAZxSu1tvOBahdwQSDDw&google_cver=1&google_push=ASkJ3FaLmnmTir76tsmQKk10Jx4mBzm0sh9OS6QRXGnubVhzwx_1kJAV8veH6KfjMXX92WtYoA9OzlONc0GLlizYw9eZeFoLqmR3k...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKGIAZxSu1tvOBahdwQSDDw&google_cver=1&google_push=ASkJ3FaLmnmTir76tsmQKk10Jx4mBzm0sh9OS6QRXGnubVhzwx_1kJAV8veH6KfjMXX92WtYoA9OzlONc0GLlizYw9eZeFoLqmR...
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKGIAZxSu1tvOBahdwQSDDw&google_cver=1&google_push=ASkJ3FaLmnmTir76tsmQKk10Jx4mBzm0sh9OS6QRXGnubVhzwx_1kJAV8veH6KfjMXX92WtYoA9OzlONc0GLlizYw9eZeFoLqmR3kzLIFngD1pXp7oHYOCJop-jh_fEXF-pgZj3cjlpvdro3KKbgJ-YzhEs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaLmnmTir76tsmQKk10Jx4mBzm0sh9OS6QRXGnubVhzwx_1kJAV8veH6KfjMXX92WtYoA9OzlONc0GLlizYw9eZeFoLqmR3kzLIFngD1pXp7oHYOCJop-jh_fEXF-pgZj3cjlpvdro3KKbgJ-YzhEs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77872577df50fb80-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:24 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1952
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKGIAZxSu1tvOBahdwQSDDw&google_cver=1&google_push=ASkJ3FaLmnmTir76tsmQKk10Jx4mBzm0sh9OS6QRXGnubVhzwx_1kJAV8veH6KfjMXX92WtYoA9OzlONc0GLlizYw9eZeFoLqmR3kzLIFngD1pXp7oHYOCJop-jh_fEXF-pgZj3cjlpvdro3KKbgJ-YzhEs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FaLmnmTir76tsmQKk10Jx4mBzm0sh9OS6QRXGnubVhzwx_1kJAV8veH6KfjMXX92WtYoA9OzlONc0GLlizYw9eZeFoLqmR3kzLIFngD1pXp7oHYOCJop-jh_fEXF-pgZj3cjlpvdro3KKbgJ-YzhEs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
778725760f24fb80-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CD1F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJbRLbw8T_Ki2e2PHLmH9zI&google_cver=1&google_push=ASkJ3FZn0I7v8tlJ08nOSNx1xRGUrQNAaK5ao4q9oxYnLuvk6s0T8QW4neKz-6wTvWpJBpq8fEazOOGKLkXKN7nfBbO3QvZG-bSltP...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8AFE4979E8142898A58F6FD1535CA71&google_push=ASkJ3FZn0I7v8tlJ08nOSNx1xRGUrQNAaK5ao4q9oxYnLuvk6s0T8QW4neKz-6wTvWpJBpq8fEazOOGKLkXKN7n...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8AFE4979E8142898A58F6FD1535CA71&google_push=ASkJ3FZn0I7v8tlJ08nOSNx1xRGUrQNAaK5ao4q9oxYnLuvk6s0T8QW4neKz-6wTvWpJBpq8fEazOOGKLkXKN7nfBbO3QvZG-bSltPuHZ280c_D3BEcLee03dVQgXtiCW5Ad3lURWsHOfDWq9AHiNNK4X50
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Dec 2022 14:28:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8AFE4979E8142898A58F6FD1535CA71&google_push=ASkJ3FZn0I7v8tlJ08nOSNx1xRGUrQNAaK5ao4q9oxYnLuvk6s0T8QW4neKz-6wTvWpJBpq8fEazOOGKLkXKN7nfBbO3QvZG-bSltPuHZ280c_D3BEcLee03dVQgXtiCW5Ad3lURWsHOfDWq9AHiNNK4X50
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 11 Dec 2022 14:28:25 GMT
sync
gdn.socdm.com/rtb/ Frame CD1F
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEFJjZ9VaGboLIzXYDkNNgq0&google_cver=1&google_push=ASkJ3Fb7h3PDw_1FhZn7frWiDxIQzVfImkj6Cf2PzXnvn1Bx7DIDv4pTXdbZTP0t0J6Xg...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTVjNmlNQ281czhBQURWdFJZRUFBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEFJjZ9VaGboLIzXYDkNNgq0&google_cver=1
43 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEFJjZ9VaGboLIzXYDkNNgq0&google_cver=1
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
124.146.215.4 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:26 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEFJjZ9VaGboLIzXYDkNNgq0&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.215","key":"Y5c6iMCo5s8AADVtRYEAAAAA","privacy_sensitive":false,"uid":"Y5c6iMCo5s8AADVtRYEAAAAA","upstream_id":"a-ad40245"}
X-SO-Key
Y5c6iMCo5s8AADVtRYEAAAAA
X-SO-Upstream-ID
a-ad40245
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40245.dc2p.scaleout.jp
X-SO-UID
Y5c6iMCo5s8AADVtRYEAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
116.90.74.215
X-SO-Cluster-ID
0
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
3
X-SO-LB-Hostname
m-ng11.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEFJjZ9VaGboLIzXYDkNNgq0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CD1F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENTZGWdNMY1dD2c0ogZ1CP8&google_cver=1&google_push=ASkJ3Fbdqa4jp4Li1WeD8CUtP83hrN4fGE9CdkVUcd_4Y-MVZ_0RYLNzMjJo3PHetuzWgTfpxwqNUC6TChmTNHVv56b5Ehl...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbdqa4jp4Li1WeD8CUtP83hrN4fGE9CdkVUcd_4Y-MVZ_0RYLNzMjJo3PHetuzWgTfpxwqNUC6TChmTNHVv56b5Ehl_zFOMzRdMpJ3ByPxc_GSkDh3DAkvb-r0cgR1Gi...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbdqa4jp4Li1WeD8CUtP83hrN4fGE9CdkVUcd_4Y-MVZ_0RYLNzMjJo3PHetuzWgTfpxwqNUC6TChmTNHVv56b5Ehl_zFOMzRdMpJ3ByPxc_GSkDh3DAkvb-r0cgR1GinC7ENcmHI4anv2bKARymjE&google_hm=eS1DZUhCZW9kRTJwRks2UlhDSlNnZzROcjRGdmw2M3psTn5B
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Dec 2022 14:28:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbdqa4jp4Li1WeD8CUtP83hrN4fGE9CdkVUcd_4Y-MVZ_0RYLNzMjJo3PHetuzWgTfpxwqNUC6TChmTNHVv56b5Ehl_zFOMzRdMpJ3ByPxc_GSkDh3DAkvb-r0cgR1GinC7ENcmHI4anv2bKARymjE&google_hm=eS1DZUhCZW9kRTJwRks2UlhDSlNnZzROcjRGdmw2M3psTn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame CD1F
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEAyy2JZnfytrxoyGnNIOc7k&google_cver=1&google_push=ASkJ3FY8_fEcywG0wNjVTu5XxQskRv9J-v4cyX-64DCPwMNFklQK6LHBMTktf22TlOqrh_8hPe_ZS3tVPK2VE4nbKuvlFAQi8IJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FY8_fEcywG0wNjVTu5XxQskRv9J-v4cyX-64DCPwMNFklQK6LHBMTktf22TlOqrh_8hPe_ZS3tVPK2VE4nbKuvlFAQi8IJ1SxncGz8myVbye48RlYhZ-u5MXHX7MdL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FY8_fEcywG0wNjVTu5XxQskRv9J-v4cyX-64DCPwMNFklQK6LHBMTktf22TlOqrh_8hPe_ZS3tVPK2VE4nbKuvlFAQi8IJ1SxncGz8myVbye48RlYhZ-u5MXHX7MdL8ICxo5SGwn5-PX4RTnAe_U08&google_hm=Z2E5NzZiYzlkN2JlYWYzMjU4MmI=
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FY8_fEcywG0wNjVTu5XxQskRv9J-v4cyX-64DCPwMNFklQK6LHBMTktf22TlOqrh_8hPe_ZS3tVPK2VE4nbKuvlFAQi8IJ1SxncGz8myVbye48RlYhZ-u5MXHX7MdL8ICxo5SGwn5-PX4RTnAe_U08&google_hm=Z2E5NzZiYzlkN2JlYWYzMjU4MmI=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame CD1F
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEHee-oaf6aA_2plzFFLURkg&google_cver=1&google_push=ASkJ3FazjfzO2-mXANM1o3yJz9J94FRcHl0lb3DgpRp5hoJQCv_aq2DltNfF3jTYLcSCxCBrWJG_xhDHdzmcOmUcDTVs2Kzi1...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEzODU2OTA1NzQ0NTU3MzAwMFYxMA%3d%3d&mn_hm=MzEzODU2OTA1NzQ0NTU3MzAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FazjfzO2-mXANM1o3yJz9J94FR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEzODU2OTA1NzQ0NTU3MzAwMFYxMA%3d%3d&mn_hm=MzEzODU2OTA1NzQ0NTU3MzAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FazjfzO2-mXANM1o3yJz9J94FRcHl0lb3DgpRp5hoJQCv_aq2DltNfF3jTYLcSCxCBrWJG_xhDHdzmcOmUcDTVs2Kzi1USAXGi_YVS86zrI-WoolVZIdSrNlh99BaUrGsz5mt-kWz7HAlUxST7k7jU&gdpr=&gdpr_consent=
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:25 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEzODU2OTA1NzQ0NTU3MzAwMFYxMA%3d%3d&mn_hm=MzEzODU2OTA1NzQ0NTU3MzAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FazjfzO2-mXANM1o3yJz9J94FRcHl0lb3DgpRp5hoJQCv_aq2DltNfF3jTYLcSCxCBrWJG_xhDHdzmcOmUcDTVs2Kzi1USAXGi_YVS86zrI-WoolVZIdSrNlh99BaUrGsz5mt-kWz7HAlUxST7k7jU&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 12 Dec 2022 14:28:25 GMT
spacer.gif
an.yandex.ru/resource/ Frame CD1F
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEGnbqvSln8O31v7tajFQfJc?ext-param=ASkJ3FZQc1VXN3rQ4YzppDBDVLCcZIsbvZG5Bscz5sGmjq8WMhti174SwfvKDkCEMx42uCLLnng2YpmKvsgywW8usK0lbgkXFjmeoYQ6X6UiHRApRymlRl07ZBRc...
  • https://an.yandex.ru/mapuid/google/CAESEGnbqvSln8O31v7tajFQfJc?redir-setuniq=1&ext-param=ASkJ3FZQc1VXN3rQ4YzppDBDVLCcZIsbvZG5Bscz5sGmjq8WMhti174SwfvKDkCEMx42uCLLnng2YpmKvsgywW8usK0lbgkXFjmeoYQ6X6Ui...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEGnbqvSln8O31v7tajFQfJc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 27 Nov 2023 14:28:26 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CD1F 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZLEuCl03hP4UxQ0vd8wc_peXDeTM-lIM4mzw2MTjcmLeGmzlY9NJa-7tpI0BaRldH6tJpdA
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 393C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wyTEfA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 1EB5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 16:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 16:04:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2B82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=3172550417314986&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bootstrap.js
s2.adform.net/stoat/626/s2.adform.net/ Frame 8227 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Requested by
Host: asia.adform.net
URL: https://asia.adform.net/adfscript/?bn=56367621;click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCchWihjqXY9ucGsrorQHHq53QAY6h_-9tnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQngAgCoAwGqBKgCT9BrADEMUuE3Zrt4Ko_SlLwR-1gN5SlAznXVD68wTs_N4XlVuDO9Cnfni27lJ9x8gth37-3VX-sxR5xGYznkdXfq7Fv4GCDj6AXBcombwi56TFf_ua0ncpR1XbMtcoh_Fkedbk0QdDWwVgX6_Cgw2YseEP4BllZJlA7r3GHUxR0IkMuaYBVqOFS3XIYYy_2mfMFlyMH1HMr1PF2h20z6HOticbDZ0CmEVo5eBzuiX2FDcZBQL6YpyCaPrsYKvJltRu0gGG-zVvH_qUCo6pqlYg60swhEiTKRbY43mTCe74FdzYIyzWz18mdJDvfiXY8nPFnwUP9l8lMB1Ibu45lndjPAolsxClu4qKDDDXtn-V0DFhLJH1Fl0tnK4lYW9Jfso_Yj-BiBUsjgBAGABofS48zJpOj8VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0cfSO5boi05YZGqIgujH1rbvMUEw%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F27660748%252F92404980%252FAGKG7OXTSH5KT4AWFG7IIEA6LWEB5BAJXESCUJ5ER23NP5DE77AWUECK6E5Z2UC6XJBJBOVECXVVRBVRIKF6MIJ7XW2KOATYW45AZMUEKMQX2ZR5R7VPD3RLS22AFVHZJA5XHQMJQKRRRDTDT3NUPHMHBYQVMLB7WSNCYWTAO6GB34MEUQAEVHVAC3HQANYS4TGEAJ7S36PQFLB4M4LQLIZ2D4XZ2MOHN2HNATVMSIGKXUWOBZ4LQFDOKBSZTDHFX2ROBZMR67F3EE7OYQYSXXTWUZB7ACJJLTLKW7HN3YCLI4F6MGJLJQ5SRGWUJSCL3R7IOFXL6DHCOSHUZDHJ4GYH5LO4662L37WQES7327DD7L5ATL4RRWPPRFQRC2LMDNYP36TNMKHISJFQAD64EGAI3BFMQLARBDNRBZFZQUG3RXRTR4IJIRUZXNQKOP7KN5QRQAPYNC26J3SVG3OA37OJDFFQOKCV24AOTJORBBXSDI5LTRCUXBJZ5PZRY3BYDNCV5Z2A3DH6QHUHATVVQ4R2JKXFUOZB6YD3MS3AQ5A6ZP5GHTGMDIN7J3W7M3OR%252F%253Frurl%253D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.56 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8b1719d28e80205c8ce4ec2285a705276ff3bd6c2e6ba01ecb73d0a4f77b94a9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT, HIT, STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 07 Dec 2022 22:21:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6B19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120601&jk=1779579407742615&bg=!4OOl46fNAAYgquz3AKo7ACkAdvg8Wk3B1H-lnEuQPcjNhsZaDTGfIFDiQAf1mA7RUM2H-tJb-YEWOwIAAABWUgAAAANoAQeZAszlb9gBDvqSkzdG64fZZsmvteSBY9lviB8GJmzOIhO5WjOxdyC-95CTzG-ESweGi5YkRJILdDZraYThDFroqG9hivH6uhj1aDxMAmRqN3rtK_zT_adUx8eqb5kGCfUUq2zoe9SXlNmotL01jnspM2VGp1YIXetBoILlcPTbaS8A3OU7Uh80X8sMuaNBqrxDykuu_E2v7AQuLNupr8qzKeHXJcT0usOm7sUVRiNQWI7ntSqfJyebHC2lJi4T7dFFpyhXH3qkF6paVs_Trwn-3KDz4AqCcYuN4WJZ47SIuFnkpKSUn-sHCEexc38Itp5qTjEcr4TyZSNT9CkJzt3Wu5a86Xi_1xlL6BIhKUOSoDqrMIvU3aowaDu-uJONcW9oZWjssYDO-cGE2OplcIctbM5tKosZ9crp6GEwa8dNkJCniatORXVEuTrdrkYlRLAUSNpejkka5X-xNzc_p_cOdDDh4H8f3reY4rfVXnIJ1_PuGAgGwdSuIlmAtBxWzh7Jc7kQYMFBQgboXQsK3K2Ke5bYseIJIh-HBXsprn7mkamZrgMcMGqo91tDqyo-wD8WHuLM2kvcQYRXL8DACNeyFnvM6V28QD3uZrPByxYW0Wt3xh87J5ZSEKB71Th-bnwaVlTyBCtBLyPkgTqiprfCVyJ4IOfFeH4uxsIbUoFqs_fVuBju4riD8YaWPTvI8yt8HHVJoKVVrnHbNhDnK4lTRnu76ngXqpfbDOkbRWV2LhzTKO9mxdLXuGR2Oxd-0WJTxEChvKrtwV9O-rlggDFpcDBu_DvuNFadv1bPQ_NWox1E2JJiUkDVd2NhqE6e2VdsaJj-oKgtw8cyGyaWfVbUpveXeccIaeuYcaj6wfyNv55wggibxNxITEC9iaeoY-Vw1gFZn5rRM60ZYH4p4AjcL3l-FvJMFsyrDC0JFXEe_ikosClh4_SJHqF0EGFOiQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 1EB5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_zrIMw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.as.criteo.net/ Frame 8230 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=bpllXmfqe4STNYbEIMZszXubunhbIJZQCJREiqaPMGqjOgOMzbGOBdwXkiMXkUpKit14MQTXHUGIJoItDV_dvtI3TavaYF-g3HSSfqz-reTCdkAh8CKq0C5iP5Zz2KFa5mRB71FwPHBVywj2bEP4wuo-y8VY-TAFbR9SMfFVNV1VCVNL8jHJdaJ5TZB6qe4n_V_zwOcQMXrL5_n8ru40ZjLtbuQiFje6OCtOiV_QFQAuJvg2gM3xmQVtxHjyMZzAcXDae6BwuTnORIDo&sds=2&rev=83862.2&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y5c6hgAGjl0KK3RKAAdVx7PYTTYQaGxvweOUWg&u=%7C0VmmL%2BI07ICA3WlBzEAlz87SOn%2F7HugS0kHUArLdWY0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zJICWnb7rY2Z6jfz2Z-EFKzho1QTDcrzV6lbUsWD_sQ6n98vdMFmnPzGiCNhd7ky-qnmd_v8LHYlphBYZORzgtyiNEtjIB6lijlWpBpWpDb63UpDh5-bIA2pOdkl-ekPMhRMB689qywFyppVPp_lwyZtr42mz7g07wcz5DlOT0twPDhgEGSnVv20o45Mc-sY0ExoHtYLR4WBQ7qLn1TlKJiUwVSkWVGhFciqVyMAiM6gL_ItgQxykTK6kDpwOuPxTnEzVu33O6FyGdgJXbXZ_xocAgr4_oN3cUwZ72N13mWnAjFEpcMirxvkP0QrrBIZdGuwjy-pwOP8idhsOXCXZ57jk0lmRH-Bzk_vAwbefmmbI87dVB94dmsR3Lv48FFWRAN-5n2Z-vhBlEnVScN9_C5jUdNJ7gAf98Mn--qWPPuGMBtKtq-YmQRt3dmad51KCC0EP5CQaGdVCLeHdmMuew4ZiCNQwMITqWeA4XJ0xy-b-MDyqhI9mmMwj0YiRdDO6pJtd4h7W0KmT3_riuqT_KKHJnRO96PGyJ6LKcD_Wm2qYU_RsKGMrSYGKI_LZinF1g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1gCwhjqXY92cGsrorQHHq53QAZj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAoYGVW6LzKY-4AIAqAMBqgSoAk_QyxZ8dJHD55JnUGEYm6AobWNOxuZPsCAHOsBuPjO5UigpxcpQ472QG2BRleW_ASGD_2Cfvf84N-8_0awDlJwKnM0NMdo2BevjkKKf8pVxn12MSyPehtyo_s-0CpZLdkaC6fiw4uzWmmf0B7nRytXURpuxClJoYqBqBtkLLiKgMAjbwKkOMEiL9vdNitjdFksDG_i90B-4jvv_SxtJYzEW7tiX6-gaDgf4BiQKAE6UC4CxJmHdQZiRgh297H54SinJ5G8088hOXF_xfnclnDGWFs7PWhovjTFBzys_kMEA1txdMKfhxQRqGvD8nu6ernxIol4xTyntCTIaI5jQQ8tRk_tWoAJfO-QQDVHYqtMX9oO2ellPvlSLcsEfY2kmmXc2_OieauUc4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32sGNUt1eBlYNEoudirnz9fwRwaQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 12 Dec 2022 14:28:24 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 21B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120701&jk=365639046826897&bg=!2dql2p7NAAYgquz3AKo7ACkAdvg8WpWATUOtog_e8IJW0TwkfeBXa2ZZaeQCSQXoiXt9oCA2opRU6AIAAACBUgAAAAJoAQcKAAG2mQK1ohnZbuhN6Gx-CxSRGfZG7HXI5xuFkgcMnkC9QIUGsHaDAyjD-V7WsHD6emVKLJ91u0cYLYEohTloAAU4Rl27b5Az9FkVqprIPGcY9yKF974GMQrMnAwimErio8AO-HtCoFBzWA2eyLiicPWBe-Apu6SVgWAfVrghfuoa_-f8lAvGBcvU7iwG16UKvCbtfuLQj6NhPk5oevbScL4jpgJaxO2TEP48cdpLEQLFgD_Vn66bzls09W64h-ky-WiLZ-a0beK3agXdvV5zww7SzY19vofY42CEdwHABAbFn6yCqLoLK-VQipo7ce7rkDIzNe7pzyh83pWys1eN36Akqk_vXGyZ6Z3EhyqPctjWGlpiyBDGQcdpRpHOMtaHCUVc3t0sK32eHpETvAv9sOaQUMg9Hmf_c2Kcwj8JqdyDpm51Rfx0bpGjTp0VdcyDeCmTuAyWscHvKIZFY1AH8YnazajVPGoghKzEyZc-_usObc9KZIxHVLHJptDuyYePZmcm8YjjqB2P9Rew_XGFaLNUBxvtvJhnGZCG1CmsqYqFa4JJk8o8IDOkQUjiBPTh5vaYaaxecKdzonOAs02Yx2YJfzO8B0E3l4ro8q_CNDYttgICH1h58icC8L2gFaRQHoYalMJHecmspYTbMdS4aAQIgKNOswxAhhnTH0rYvCF_fjTRLo9lPMmnv1ClBsSn9Pyi_JZoJ2Ptl5Vvdx8gxnOcYoFeN590qmikw8MzQpt6OGrJB9jkonAPTXsqbmgKwLh_LL5RTNgKb_F2nTVKtZ42PbMB7rSy8JLUn55poFlYipGXo0m7RIhMEXx7uqZNZdBv_yDmLPv6QtjgbiEtYmZBMLL1tivX2ZhYu-CAuvj3UEOmP-s8alnvSCVOwIav_3WKAioGH3vXTJoR-ldg68UxJ0tPegFFRR5F
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 12 Dec 2022 14:28:24 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
457624
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		332 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
032763c1c9bf9af9c38f12252fe38e2dd21c7e8cc4ca4b7b040c25f4f0de8ad9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
719183
expires
0
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
96239166fb50b39dc6f5562bde04faf124072afd37ac4a195baac2bb0bca607c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 14:28:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 11 Jan 2023 14:28:25 GMT
usync.html
eus.rubiconproject.com/ Frame F7B6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Dec 2022 14:28:25 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 5A8B 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-81.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
67819
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sun, 11 Dec 2022 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
x-amz-cf-id
gW103Xun9AF-mqCSaenD5RLsYorjVYy_uioIN1JsEs3NREv_LohLXQ==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
pd
u.openx.net/w/1.0/ Frame 5B4B 		533 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
17a21bf823d514346166fbfc1673889f0614f6021ce8318ddc776b633c023507

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
321
content-type
text/html
date
Mon, 12 Dec 2022 14:28:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 53FF 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.140.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b58432b2486b3cfae1052cdf3e26f9c9efac4be3a0d0961a775468acc1e30d28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=81742
content-encoding
gzip
content-length
11800
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 14:28:25 GMT
expires
Tue, 13 Dec 2022 13:10:47 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame C859
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
b14304e8831ec1adc7a05e2fe7125c8669f41448479e7d910142863522c119a6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Mon, 12 Dec 2022 14:28:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 12 Dec 2022 14:28:25 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 9178 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
147
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7787257bdbc41c58-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 14:28:25 GMT
expires
Mon, 12 Dec 2022 18:28:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 91A0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53036
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 12 Dec 2022 14:28:25 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 02 Dec 2022 04:31:25 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
50, 60619
X-Served-By
cache-lga13626-LGA, cache-mel11245-MEL
X-Timer
S1670855306.654387,VS0,VE0
/
onetag-sys.com/usync/ Frame 5C1A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670855302152
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b035eab1b53feab6435f7380e20c8a03863ea6f8691ee1ad122926963472e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1373
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sd
us-u.openx.net/w/1.0/ Frame 5B4B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4428618427978381074&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4428618427978381074&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4428618427978381074&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 5B4B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=018c8901-b18c-752e-d11e-85aacdd98516&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=018c8901-b18c-752e-d11e-85aacdd98516&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a8f77359-9db5-4714-9b79-a4238e9812fb&ttd_puid=018c8901-b18c-752e-d11e-85aacdd98516&gdpr=0&gdpr_consent=
43 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a8f77359-9db5-4714-9b79-a4238e9812fb&ttd_puid=018c8901-b18c-752e-d11e-85aacdd98516&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a8f77359-9db5-4714-9b79-a4238e9812fb&ttd_puid=018c8901-b18c-752e-d11e-85aacdd98516&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 5B4B
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y5c6iMCo5s8AADVtRYEAAAAA
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y5c6iMCo5s8AADVtRYEAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 12 Dec 2022 14:28:25 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.215","key":"Y5c6iMCo5s8AADVtRYEAAAAA","privacy_sensitive":false,"uid":"Y5c6iMCo5s8AADVtRYEAAAAA","upstream_id":"a-ad40245"}
X-SO-Key
Y5c6iMCo5s8AADVtRYEAAAAA
X-SO-Upstream-ID
a-ad40245
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40245.dc2p.scaleout.jp
X-SO-UID
Y5c6iMCo5s8AADVtRYEAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
116.90.74.215
X-SO-Cluster-ID
0
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y5c6iMCo5s8AADVtRYEAAAAA
Cache-Control
private
X-SO-Ads-Time
5
X-SO-LB-Hostname
a-tgng40011.dc2p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 5B4B
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUgsXFXpKiQTks8ADxwUyKk9vs8AAAGFBrys3w
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUgsXFXpKiQTks8ADxwUyKk9vs8AAAGFBrys3w
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUgsXFXpKiQTks8ADxwUyKk9vs8AAAGFBrys3w
cache-control
no-cache
content-length
0
x-amz-cf-id
u4OYlAfaQStJqq20mTNiRvRhHy-9qL8V-elmwv6BgDLsKxEUp6GPuQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 5B4B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmRlMzVhY2ItNzhmYi0yYjhhLWM0ZmUtZGYxMzA3M2I0Yjc2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5B4B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK13ENJBhLnywW8HHIQiZbg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK13ENJBhLnywW8HHIQiZbg&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK13ENJBhLnywW8HHIQiZbg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2141
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e54506417eab0d5934dbf0943c57131ecb2456eb6e9e8f25ac6496c922d687e6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77872580ccfb1c58-AKL
content-encoding
br
content-type
text/html
date
Mon, 12 Dec 2022 14:28:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4V4%2BscEuFYbZ6UXUqfacq3QWPJvJu%2FzGgToQXBEyFCc3ubHAb%2FyYpvwIDiGW1BIExEEBG15ZW%2F9zUo7%2FLilFFsI7BplBgQSK1Wz0f1Q%2B8rEdzSD%2FtRSlr9X9%2FbAA1jP40NKq3zp7CjF0Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7787257e4ff3fb7c-AKL
content-length
0
date
Mon, 12 Dec 2022 14:28:26 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJAzipoVTp66RlKlQ7WyYlx1b5UKuliz%2BJdx%2BiH3bC7r7W6Jd7Ji3683gDSDnUFOMIsJoCSG3c8cvTXcUZbB0jyG0d%2F7rVGaSbbyLWM%2BxujecizmaOTuLF1NQ96pvnsvHs1kN9p4an3t1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/match/ Frame 5C1A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=a76b6397-3a8a-4800-a1c9-daac6428916b&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=a76b6397-3a8a-4800-a1c9-daac6428916b&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 12 Dec 2022 14:28:26 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=a76b6397-3a8a-4800-a1c9-daac6428916b&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Dec 2022 14:28:25 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 5C1A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 5C1A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1331351485264205355
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1331351485264205355
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:26 GMT
AN-X-Request-Uuid
4c9dd986-21d6-447d-b02a-f8a7e16635f8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1331351485264205355
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5C1A 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=nssAYfqFc15051AeJbbtPZ87iH0s5TZBBDN_1-BUJ7s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5C1A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhQa8qpTq3GXgrEopBCOuWaoYr4ENZNWKkQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhQa8qpTq3GXgrEopBCOuWaoYr4ENZNWKkQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhQa8qpTq3GXgrEopBCOuWaoYr4ENZNWKkQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 5C1A 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:26 GMT
content-length
0
/
onetag-sys.com/match/ Frame 5C1A
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCIr13JwGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Mon, 12 Dec 2022 14:28:26 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5C1A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RxzB1r6yjPTXO_nh_IyGTGmpy0UsH3byxxOnHBfI7wY
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RxzB1r6yjPTXO_nh_IyGTGmpy0UsH3byxxOnHBfI7wY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2D1DX0974RAEWTAVT99J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RxzB1r6yjPTXO_nh_IyGTGmpy0UsH3byxxOnHBfI7wY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 5C1A 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:27:46 GMT
content-length
0
/
onetag-sys.com/match/ Frame 5C1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGv6K5p1rhzOSrK_AMPESNU&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGv6K5p1rhzOSrK_AMPESNU&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGv6K5p1rhzOSrK_AMPESNU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 5C1A 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 5C1A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 5C1A 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1670855302152
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
bounce
ib.adnxs.com/ Frame 91A0
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:26 GMT
AN-X-Request-Uuid
fbe48d90-22bb-4af3-b94a-30a594de2846
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:25 GMT
AN-X-Request-Uuid
ea9ae165-5db1-416d-bde9-6c9c26f61187
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
7395b51838104e93b35090bac8fa5639_cpn_336x280_1.jpg
static.criteo.net/design/dt/85833/221202/ Frame EB97 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/85833/221202/7395b51838104e93b35090bac8fa5639_cpn_336x280_1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
160a0ae1429f0dc06b33c95765a37fa96bc032e333fb6ad6327da181e730af8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 02 Dec 2022 13:28:23 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6389fd77-607f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
24703
expires
Thu, 07 Dec 2023 14:28:25 GMT
sync
gum.criteo.com/ Frame 53FF 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
368912
expires
60
usync.html
eus.rubiconproject.com/ Frame 5279
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Dec 2022 14:28:27 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 12 Dec 2022 14:28:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 9046
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Drkt%26refUrl%3D%26vid%3D085530603331385690574455730...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3138569057445573000V10&type=rkt&refUrl=&vid=08553060333138569057445573000V10&ovsid=1972084068249698936
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3138569057445573000V10&type=rkt&refUrl=&vid=08553060333138569057445573000V10&ovsid=1972084068249698936
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.140.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 12 Dec 2022 14:28:27 GMT
expires
Mon, 12 Dec 2022 14:28:27 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 12 Dec 2022 14:28:27 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3138569057445573000V10&type=rkt&refUrl=&vid=08553060333138569057445573000V10&ovsid=1972084068249698936
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6FB8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dpba%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161030
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 14:28:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 14 Dec 2022 11:12:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 53FF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dapx%26refUrl%3D%26vid%3D08553060333138569057445573000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=apx&refUrl=&vid=08553060333138569057445573000V10&ovsid=117597611884616147
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=apx&refUrl=&vid=08553060333138569057445573000V10&ovsid=117597611884616147
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.58.140.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 12 Dec 2022 14:28:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 12 Dec 2022 14:28:26 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:26 GMT
AN-X-Request-Uuid
dff231f4-2d05-416d-939b-1763e4ab9640
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=apx&refUrl=&vid=08553060333138569057445573000V10&ovsid=117597611884616147
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 53FF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3138569057445573...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3138569057445573000V10&type=opx&refUrl=&vid=08553060333138569057445573000V10&ovsid=c9a0e09e-1a8c-4fce-b251-fbc47f3617ca
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3138569057445573000V10&type=opx&refUrl=&vid=08553060333138569057445573000V10&ovsid=c9a0e09e-1a8c-4fce-b251-fbc47f3617ca
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.58.140.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 12 Dec 2022 14:28:26 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Mon, 12 Dec 2022 14:28:26 GMT

Redirect headers

date
Mon, 12 Dec 2022 14:28:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3138569057445573000V10&type=opx&refUrl=&vid=08553060333138569057445573000V10&ovsid=c9a0e09e-1a8c-4fce-b251-fbc47f3617ca
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 53FF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dmma%26refUrl%3D%26vid%3D085530603331385690574455...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=mma&refUrl=&vid=08553060333138569057445573000V10&ovsid=eafc6397-3a8a-4d00-9076-f9217c251418
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=mma&refUrl=&vid=08553060333138569057445573000V10&ovsid=eafc6397-3a8a-4d00-9076-f9217c251418
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.58.140.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 12 Dec 2022 14:28:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 12 Dec 2022 14:28:26 GMT

Redirect headers

Date
Mon, 12 Dec 2022 14:28:26 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=mma&refUrl=&vid=08553060333138569057445573000V10&ovsid=eafc6397-3a8a-4d00-9076-f9217c251418
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Dec 2022 14:28:25 GMT
RX-6adccad7-27ff-4625-886f-a470ba92471c-004
sync.targeting.unrulymedia.com/csync/ Frame 53FF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dr1%26refUrl%3D%26vid%3D08553060333138569057...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dr1%26refUrl%3D%26vid%3D08553060333138...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3052993830
  • https://sync.1rx.io/usersync/tradedesk/a8f77359-9db5-4714-9b79-a4238e9812fb
  • https://sync.targeting.unrulymedia.com/csync/RX-6adccad7-27ff-4625-886f-a470ba92471c-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-6adccad7-27ff-4625-886f-a470ba92471c-004
0
0
cksync.php
contextual.media.net/ Frame 53FF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Ddxu%26refUrl%3D%26vid%3D08553060333138569057445...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Ddxu%26refUrl%3D%26vid%3D08553060333138569...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=dxu&refUrl=&vid=08553060333138569057445573000V10&ovsid=hwq3O7rq1P4JN85
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=dxu&refUrl=&vid=08553060333138569057445573000V10&ovsid=hwq3O7rq1P4JN85
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.58.140.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 12 Dec 2022 14:28:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 12 Dec 2022 14:28:27 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:26 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0d347ca036a683313@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3138569057445573000V10&type=dxu&refUrl=&vid=08553060333138569057445573000V10&ovsid=hwq3O7rq1P4JN85
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 53FF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=d8b1dc40-f93e-47f9-8110-eee8d04156f2
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=d8b1dc40-f93e-47f9-8110-eee8d04156f2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.58.140.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 12 Dec 2022 14:28:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 12 Dec 2022 14:28:26 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=d8b1dc40-f93e-47f9-8110-eee8d04156f2
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1240784
content-length
0
expires
Mon, 12 Dec 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 53FF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=ae11f77e-2cb5-4aa2-8ef9-45f050485375&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-.JyEwNRE2pl0AuJNEdkbhZBZvJ9wusJIugIhkA--~A&expires=5
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=4a4de29a-7eba-432a-bbe8-e0c014e3d592&gdpr=&gdpr_consent=&gdpr_pd=
45 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=4a4de29a-7eba-432a-bbe8-e0c014e3d592&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.58.140.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 12 Dec 2022 14:28:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 12 Dec 2022 14:28:27 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=4a4de29a-7eba-432a-bbe8-e0c014e3d592&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 12 Dec 2022 14:28:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
23178
stags.bluekai.com/site/ Frame 53FF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3138569057445573000V10%26type%3Dzem%26refUrl%3D%26vid%3D08553060333138569057445573...
  • https://stags.bluekai.com/site/23178?id=SqCuI-akEWQDToiD8uvb&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
0
0
sync
rtb.mfadsrvr.com/ul_cb/ Frame 53FF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3138569057445573000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3138569057445573000V10
0
0
cksync
cs.media.net/ Frame 53FF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=a8f77359-9db5-4714-9b79-a4238e9812fb
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=a8f77359-9db5-4714-9b79-a4238e9812fb
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:27 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Mon, 12 Dec 2022 14:28:27 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=a8f77359-9db5-4714-9b79-a4238e9812fb
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
usync.js
eus.rubiconproject.com/ Frame F7B6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
902480d47ecfbc854a0ca98d9a6a1838c87a25a298f62e211891b09ec785c2b0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Dec 2022 05:52:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55444
Connection
keep-alive
Content-Length
10065
Expires
Tue, 13 Dec 2022 05:52:30 GMT
xuid
eb2.3lift.com/ Frame C859
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a8f77359-9db5-4714-9b79-a4238e9812fb&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=a8f77359-9db5-4714-9b79-a4238e9812fb&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 12 Dec 2022 14:28:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=a8f77359-9db5-4714-9b79-a4238e9812fb&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame C859
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc1NDUwMjU2ODYyMTk1Nzc4NjkzMw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame C859
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEFK4UrnyyiZJT3v5f4p5HM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEFK4UrnyyiZJT3v5f4p5HM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 12 Dec 2022 14:28:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEFK4UrnyyiZJT3v5f4p5HM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C859
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc1NDUwMjU2ODYyMTk1Nzc4NjkzMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc1NDUwMjU2ODYyMTk1Nzc4NjkzMw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjc1NDUwMjU2ODYyMTk1Nzc4NjkzMw%3D%3D
date
Mon, 12 Dec 2022 14:28:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame C859
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2754502568621957786933&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2754502568621957786933&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=72571d73-4406-4a18-8e11-fec7f36aa1d8&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=72571d73-4406-4a18-8e11-fec7f36aa1d8&_noobservation=1&_expected_cookie=7dd17bf...
43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=72571d73-4406-4a18-8e11-fec7f36aa1d8&_noobservation=1&_expected_cookie=7dd17bf851157838d959afc00e264d76
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.99.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Mon, 12 Dec 2022 14:28:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7787258a6dc3a941-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=72571d73-4406-4a18-8e11-fec7f36aa1d8&_noobservation=1&_expected_cookie=7dd17bf851157838d959afc00e264d76
date
Mon, 12 Dec 2022 14:28:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
77872588ece0a941-SYD
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame C859
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2754502568621957786933&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=2754502568621957786933&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4a4de29a-7eba-432a-bbe8-e0c014e3d592&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522801271569356404&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522801271569356404&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
0
0
xuid
eb2.3lift.com/ Frame C859
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2754502568621957786933?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-yC5vqHpE2oT7iuAoDXB6u6eFR9oNUTgh5JhlD28Ywg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-yC5vqHpE2oT7iuAoDXB6u6eFR9oNUTgh5JhlD28Ywg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 12 Dec 2022 14:28:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 12 Dec 2022 14:28:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-yC5vqHpE2oT7iuAoDXB6u6eFR9oNUTgh5JhlD28Ywg--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame C859
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2754502568621957786933
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2754502568621957786933&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2754502568621957786933&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J94N1DY0XS221KTRZZ0D
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2754502568621957786933&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame C859 		42 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2754502568621957786933&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 216A389F570D42F5AC4624995012F0CF Ref B: SYD03EDGE1420 Ref C: 2022-12-12T14:28:26Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame C859
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=117597611884616147&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=117597611884616147&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 12 Dec 2022 14:28:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:26 GMT
AN-X-Request-Uuid
4ec83230-c6dc-4870-9641-435214851583
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=117597611884616147&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
asia.adform.net/adfserve/ Frame 8227 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/adfserve/?CC=1&bn=56367621;click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCchWihjqXY9ucGsrorQHHq53QAY6h_-9tnZy51YoKwI23ARABIABgq-yxheAYggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQngAgCoAwGqBKgCT9BrADEMUuE3Zrt4Ko_SlLwR-1gN5SlAznXVD68wTs_N4XlVuDO9Cnfni27lJ9x8gth37-3VX-sxR5xGYznkdXfq7Fv4GCDj6AXBcombwi56TFf_ua0ncpR1XbMtcoh_Fkedbk0QdDWwVgX6_Cgw2YseEP4BllZJlA7r3GHUxR0IkMuaYBVqOFS3XIYYy_2mfMFlyMH1HMr1PF2h20z6HOticbDZ0CmEVo5eBzuiX2FDcZBQL6YpyCaPrsYKvJltRu0gGG-zVvH_qUCo6pqlYg60swhEiTKRbY43mTCe74FdzYIyzWz18mdJDvfiXY8nPFnwUP9l8lMB1Ibu45lndjPAolsxClu4qKDDDXtn-V0DFhLJH1Fl0tnK4lYW9Jfso_Yj-BiBUsjgBAGABofS48zJpOj8VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0cfSO5boi05YZGqIgujH1rbvMUEw%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F27660748%252F92404980%252FAGKG7OXTSH5KT4AWFG7IIEA6LWEB5BAJXESCUJ5ER23NP5DE77AWUECK6E5Z2UC6XJBJBOVECXVVRBVRIKF6MIJ7XW2KOATYW45AZMUEKMQX2ZR5R7VPD3RLS22AFVHZJA5XHQMJQKRRRDTDT3NUPHMHBYQVMLB7WSNCYWTAO6GB34MEUQAEVHVAC3HQANYS4TGEAJ7S36PQFLB4M4LQLIZ2D4XZ2MOHN2HNATVMSIGKXUWOBZ4LQFDOKBSZTDHFX2ROBZMR67F3EE7OYQYSXXTWUZB7ACJJLTLKW7HN3YCLI4F6MGJLJQ5SRGWUJSCL3R7IOFXL6DHCOSHUZDHJ4GYH5LO4662L37WQES7327DD7L5ATL4RRWPPRFQRC2LMDNYP36TNMKHISJFQAD64EGAI3BFMQLARBDNRBZFZQUG3RXRTR4IJIRUZXNQKOP7KN5QRQAPYNC26J3SVG3OA37OJDFFQOKCV24AOTJORBBXSDI5LTRCUXBJZ5PZRY3BYDNCV5Z2A3DH6QHUHATVVQ4R2JKXFUOZB6YD3MS3AQ5A6ZP5GHTGMDIN7J3W7M3OR%252F%253Frurl%253D;js=1;adfxid=1x;2089;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.bg3.co
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ce177dd779f8f6e3ddd7ae34e64d9dfa57987378fbbc949ffaa9a2f2a11e0c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3803
expires
-1
sodar
pagead2.googlesyndication.com/pagead/ Frame 48F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=1346008572914845&bg=!Pj2lPXnNAAYgquz3AKo7ACkAdvg8WitIRZaW-FCXutNMFP1bT7g_LP7aNIvYTVT88LvfN_nkCF3DaQIAAABhUgAAAANoAQeZAr-qF00GGP2Tz_N0B6o7AJRCWGOhmh7Iu7_D4ik95deNC2jAQqiyEPxgKsvton8DvlqLRo5C0ESOw2aO_ryCuhFmDybMjL8P6ST_bAN68oaigG_hLPT6VYiTIrqIXcG_C0bK1j0xx12FV3OATO38oE6KUUVGABP8IvZsoyWGsauRNqO5h8b9yc5z4LlldqlhEIceWlC2WbEI1z82URqiKpuhb1nsf5OFfHvwFXgAOsy6T7SBKGMhcR7xccSMD8G5TxKlMJE_Fub_Y7e0V4LH0A1K1CDX4m9f82FXsnepoY97J14oR11I_72AtLpEJS_Y3lKoxwUve5P2eEKE1_YwOGItbwyQ0C0XkEVMphjwf02WI6fpWJhzXDzBbRv228NtU0J_mPELK1ZyslUMSepVLPW8ACmSrSB5Nsd0az6vbVFQ3BfkTbN_U8yjf2qB740dsz5rRkCZKcgtaWC-WRNFmei67mRSkTTSV_tqAUjPvPdfc0mUi67jdrOanvUgKJ5TIppILVX3v_xabn34PfwlAGwjoM9n8Xx7VoQjiBW-r7QYcCFidulH7Dlg3-tT0pW0stzOzaQbFsYSZNmJXlDoFHEraEziAIzpdx8HREttKo7KqYknCDJfzjbw59gtVFBpnXOnPUqCjLf_JsqoNAyr1LToytpsvIUQrPpRntm4QH3IXehbFXIT7XvcUIPGxIsvkZM2DIT0OLNebKDHVDdSvqrotWCQkjvLdk5Vbsyo7hnMbgaM1W1yYUEDhjHTTkL7d1BZPDKPPIzeUNcVSt1n7XF1CLt8nzxv4989YG7pipccbJmzPCw9y8mJLur_yVR2gaLeU_klG4aszvtuBCEUHK_Hm0pfnCkhPMacj0XJqwyhNYuTA_5Uwwux3NUoZfCwtn5BK50qgMXntSQxYP7WHg19A87zMCOQjQJcVCHS7SYO
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3B66 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
85738
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 14:39:28 GMT
etag
48472445140208031
expires
Mon, 12 Dec 2022 14:39:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8227 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff727cf64ebaccfe474755d03bbc568af4549583843966db649f462c09664b15

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
tap.php
pixel.rubiconproject.com/ Frame F7B6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yOi54I3sMyCZ9UJqoqCf2Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C.V3cQhE2oIkPPXOoPJMfvOCTd3gzbWyuI_Fwg--~A
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C.V3cQhE2oIkPPXOoPJMfvOCTd3gzbWyuI_Fwg--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 12 Dec 2022 14:28:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-C.V3cQhE2oIkPPXOoPJMfvOCTd3gzbWyuI_Fwg--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame F7B6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBKW3TQF-1B-HY8J
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBKW3TQF-1B-HY8J
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 5FF90C11160D4AADABE362FA4599A02B Ref B: SYD03EDGE2120 Ref C: 2022-12-12T14:28:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvolEWLJheu79721h+0w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBKW3TQF-1B-HY8J
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame F7B6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xPd8MEGnRt2kF48XwR-X5g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xPd8MEGnRt2kF48XwR-X5g
0
0
pixel
cm.g.doubleclick.net/ Frame F7B6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLVzNUUUYtMUItSFk4Sg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLVzNUUUYtMUItSFk4Sg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJLVzNUUUYtMUItSFk4Sg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F7B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFbfuuiT9-VjzEXRc28g5i8&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFbfuuiT9-VjzEXRc28g5i8&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFbfuuiT9-VjzEXRc28g5i8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame F7B6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
0
0
pixel
cm.g.doubleclick.net/ Frame F7B6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI5NTJhNGQ4N2NjYTc2N2ViMmVjODNjYWQ5YmIxODViYzhlNzE3OQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI5NTJhNGQ4N2NjYTc2N2ViMmVjODNjYWQ5YmIxODViYzhlNzE3OQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzI5NTJhNGQ4N2NjYTc2N2ViMmVjODNjYWQ5YmIxODViYzhlNzE3OQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F7B6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
13926
g2.gumgum.com/usync/ Frame 745C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.211.51 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e63f5110a386ba1fb6a1c43392d8bd6eb1f4d551af4dcfb878eb2c01879c3bb0

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 12 Dec 2022 14:28:27 GMT
etag
W/"01e222cae6dde314dd5f1ad03872d0768"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 2764 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
fe8a2106cf458273ad91eff023281df88e9b25dac717745ff4ca53bb20d90952
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1395
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 640F 		896 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8952b61c840104e3708168b5f136dc96715ca5b4330d7a788d42d8a5d4b00793

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
896
content-type
text/html
date
Mon, 12 Dec 2022 14:28:27 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1BD8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e83aec45bce795d32a9aacf90821dbb34a685f301748b783b6809fb5b419b60f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778725820d451c58-AKL
content-encoding
br
content-type
text/html
date
Mon, 12 Dec 2022 14:28:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZakGYijjqcD1Qj1VHrXNm07Vea6ETGIMHnp3txfUjXtWKSkOQkFsWe6H%2FmR0xiys3ni%2BzR3%2FTWR0NTnnR2RWPkJOROiOaTzefnimBCsc161rchk2UvlZp%2BdXqVyTiUXHL2NdCcUuWq3Jlw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 235D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Dec 2022 14:28:27 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 12 Dec 2022 14:28:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 674E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161030
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 14:28:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 14 Dec 2022 11:12:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame F348 		145 B
719 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.73 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b317883273c6b5b5ac13ee341696d72eb5b2996d22d027f999d6cfb963e5b390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
145
content-type
text/html
date
Mon, 12 Dec 2022 14:28:27 GMT
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
x-amz-cf-id
EmuiEVqvA7DUHHKn3S6Xi4e9rD56ZC-AV45rFTMrNEilgObHwu0Hkw==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame 5A8B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=117597611884616147
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=117597611884616147
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:26 GMT
AN-X-Request-Uuid
ca4a1d3b-5104-4515-8f6c-40d8248a4016
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=117597611884616147
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 5A8B
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FzdkDRZH6wcc7iM_Sd6UxzWf
0
0
sync
ads.servenobid.com/ Frame 5A8B
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FzdkCLZHSslaePjASBWsGmAi
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FzdkCLZHSslaePjASBWsGmAi
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 12 Dec 2022 14:28:27 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FzdkCLZHSslaePjASBWsGmAi
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
RX-6adccad7-27ff-4625-886f-a470ba92471c-004
sync.targeting.unrulymedia.com/csync/ Frame 5A8B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1670855306944
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6938377290
  • https://sync.1rx.io/usersync/tradedesk/a8f77359-9db5-4714-9b79-a4238e9812fb
  • https://sync.targeting.unrulymedia.com/csync/RX-6adccad7-27ff-4625-886f-a470ba92471c-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-6adccad7-27ff-4625-886f-a470ba92471c-004
0
0
sync
ads.servenobid.com/ Frame 5A8B
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=2019090387499638504
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=2019090387499638504
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=2019090387499638504
Date
Mon, 12 Dec 2022 14:28:27 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 5A8B 		0
0
pixel
ap.lijit.com/ Frame 5A8B
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F7094%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D7ca25c03-5145-422c-90f...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F7094%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D7ca25c03-5145-422c-90fc-d6e334e34f01%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
209.191.163.208 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Dec 2022 14:28:27 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F7094%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D7ca25c03-5145-422c-90fc-d6e334e34f01%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Mon, 12 Dec 2022 14:28:25 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 5A8B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
date
Mon, 12 Dec 2022 14:28:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame 5A8B
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zNDM1OTk2OC1mYzRiLTNmZGYtYTBjZi1iY2RlNWE2ODA...
0
0
sync
ads.servenobid.com/ Frame 5A8B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
date
Mon, 12 Dec 2022 14:28:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Standard
s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 8227 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.56 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:26 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
EXPIRED, STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 09 Dec 2022 16:24:09 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2141
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPH0MXB8oyrhSMF4g-k0Zro&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPH0MXB8oyrhSMF4g-k0Zro&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjK1ib2ieZ8m8nDAqzAUZvppyTckfaR%2BqOXoSYM6c009RPLDgsHgVcUOvH6OVXTh5UdiFZqeBGlf35YVBs9A0v4taduICBANYMocONOBOJIbI8qtU9DuurKuqaYEEfB%2Fv2Yl157MhsAYMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
778725850e091c58-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPH0MXB8oyrhSMF4g-k0Zro&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2141
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a8f77359-9db5-4714-9b79-a4238e9812fb&expiration=1673447306&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a8f77359-9db5-4714-9b79-a4238e9812fb&expiration=1673447306&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a8f77359-9db5-4714-9b79-a4238e9812fb&expiration=1673447306&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame 2141
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5746W2VP2R4ZAMN7V99V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3S36MGQ20CN4XHS1GK61
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2141
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5c6ivAg.JGYThEBey1VrwAA
0
0
rum
dsum-sec.casalemedia.com/ Frame 2141
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4356560833940453138
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4356560833940453138
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4356560833940453138
pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
23178
stags.bluekai.com/site/ Frame 2141
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=vgCwqD3o_-OIq-mvSePz&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
0
0
crum
dsum.casalemedia.com/ Frame 2141
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=117597611884616147
43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=117597611884616147
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=152jBBiyQCBKp3z4X9aA4zC2vEEUn2Jh8HVq4R0Q%2F2vkVGLWME19gfELEU6e3FaDSXgLsryO%2BLhOYpdQhC%2FWAXWD8iSx4VMPZM%2FpJymIyDcaQ%2BZvUShphnsswGcJAzOFO8pzaXWz"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77872586983b1c5c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:26 GMT
AN-X-Request-Uuid
05e3723c-14a7-4262-b5f9-70f5e270cd62
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=117597611884616147
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2141
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=087b220419d19e55720d8df9&expiration=[EXPIRATION]
0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2141 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5c6ivAg.JGYThEBey1VrwAA%265337
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
7868
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778725883c071c4d-AKL
content-length
43
expires
Tue, 13 Dec 2022 14:28:27 GMT
dpixel
cms.quantserve.com/ Frame 3B66 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEACCDrvZ0zgiv2t8Wl2z-ws&google_cver=1&google_push=ASkJ3FY_LKRwEaa4HoqipQRPuSkmUxfpyYIv2wqbZdCuDfB0wO13tVwTCAHCh_uQGE11Alvdkh1nTdz1I4gFwVhvoceiEBNzizs
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3B66
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGHKdPz0bW2-8nw-CdUTX6s&google_cver=1&google_push=ASkJ3FbBXQDhGImoeNyJyhecUPWdbvv7hS7ZllKx4MFIEGxr3_gNGX2zWDieb_McsWm3yX7TiLUzg6fYb55cyStA...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=6vxjlzqKTQCQdvkhfCUUGA&google_push=ASkJ3FbBXQDhGImoeNyJyhecUPWdbvv7hS7ZllKx4MFIEGxr3_gNGX2zWDieb_McsWm3yX7TiLUzg6fYb55cyStAbNtwWc4j...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=6vxjlzqKTQCQdvkhfCUUGA&google_push=ASkJ3FbBXQDhGImoeNyJyhecUPWdbvv7hS7ZllKx4MFIEGxr3_gNGX2zWDieb_McsWm3yX7TiLUzg6fYb55cyStAbNtwWc4jddVr
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Dec 2022 14:28:26 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x9 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=6vxjlzqKTQCQdvkhfCUUGA&google_push=ASkJ3FbBXQDhGImoeNyJyhecUPWdbvv7hS7ZllKx4MFIEGxr3_gNGX2zWDieb_McsWm3yX7TiLUzg6fYb55cyStAbNtwWc4jddVr
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Dec 2022 14:28:25 GMT
pixel
cm.g.doubleclick.net/ Frame 3B66
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJESHXxmevCZj9Ce6ie1n5E&google_cver=1&google_push=ASkJ3FZXgtjogEFcuDRRRY95VGbbvdXmnJS2bu7p02WmIwXVtjlEGGseH99oG0smsmDG-UGQTR-UUXZVKW3BEwP688o-...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJESHXxmevCZj9Ce6ie1n5E&google_cver=1&google_push=ASkJ3FZXgtjogEFcuDRRRY95VGbbvdXmnJS2bu7p02WmIwXVtjlEGGseH99oG0smsmDG-UGQTR-UUXZVKW3BEw...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZXgtjogEFcuDRRRY95VGbbvdXmnJS2bu7p02WmIwXVtjlEGGseH99oG0smsmDG-UGQTR-UUXZVKW3BEwP688o-Nreh9-xE&google_hm=cmcSPsdbSD6Tle3kE0XWLA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZXgtjogEFcuDRRRY95VGbbvdXmnJS2bu7p02WmIwXVtjlEGGseH99oG0smsmDG-UGQTR-UUXZVKW3BEwP688o-Nreh9-xE&google_hm=cmcSPsdbSD6Tle3kE0XWLA==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FZXgtjogEFcuDRRRY95VGbbvdXmnJS2bu7p02WmIwXVtjlEGGseH99oG0smsmDG-UGQTR-UUXZVKW3BEwP688o-Nreh9-xE&google_hm=cmcSPsdbSD6Tle3kE0XWLA==
Date
Mon, 12 Dec 2022 14:28:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3B66
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC_LjlQ9fU37Q0RwVM3swM0&google_cver=1&google_push=ASkJ3FYO5GkD_E_6FxoZ5PJxOiMOFujl8PWPm_Q7g7_KiPHVvoAVHvy14o4PCyKS_cqCsTjRIA57B7mg...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ1MDI3MzkzNDc4OTQ5MDU3OQ&google_push=ASkJ3FYO5GkD_E_6FxoZ5PJxOiMOFujl8PWPm_Q7g7_KiPHVvoAVHvy14o4PCyKS_cqCsTjRIA57B7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ1MDI3MzkzNDc4OTQ5MDU3OQ&google_push=ASkJ3FYO5GkD_E_6FxoZ5PJxOiMOFujl8PWPm_Q7g7_KiPHVvoAVHvy14o4PCyKS_cqCsTjRIA57B7mguEJHfJOrPZUAAy0bxLX1
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ1MDI3MzkzNDc4OTQ5MDU3OQ&google_push=ASkJ3FYO5GkD_E_6FxoZ5PJxOiMOFujl8PWPm_Q7g7_KiPHVvoAVHvy14o4PCyKS_cqCsTjRIA57B7mguEJHfJOrPZUAAy0bxLX1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 3B66
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJ1nJQ2lKtzoiMaZEir33Ww&google_cver=1&google_push=ASkJ3Faggx_C9cVkrrpoRuu7TZyNjvbTD3XQ1S_9DSvedb3szGTj8MyX5nMgn3ZayOuwNH11md0rtyuoYdp-OCmb...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=0ee390ef&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3Faggx_C9cVkrrpoRuu7TZyNjvbTD3XQ1S_9DSvedb3s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=0ee390ef&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3Faggx_C9cVkrrpoRuu7TZyNjvbTD3XQ1S_9DSvedb3szGTj8MyX5nMgn3ZayOuwNH11md0rtyuoYdp-OCmbFGXNxlr1AsU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Dec 2022 14:28:27 GMT
via
1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=0ee390ef&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3Faggx_C9cVkrrpoRuu7TZyNjvbTD3XQ1S_9DSvedb3szGTj8MyX5nMgn3ZayOuwNH11md0rtyuoYdp-OCmbFGXNxlr1AsU
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
LCoCgkY61hfim_t4vnDR1y_UdQhnhTN1wkYGMtpXUeKDdpJpSOpNsA==
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 3B66 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEOMpMj3KRgathIGVq1niKSg&google_cver=1&google_push=ASkJ3FY_3nn_luhYajoJgBTXVNKXMZQ8CbZhpgoRhufbQb9rZFQh5-A-V1dyeOIobI_UhSIFp-Jjvgutvyb0yzdJMiU7x2GfjrIm
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3B66
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEC6tMVAx2SQhrK0iOMjFw7w&google_cver=1&google_push=ASkJ3FY8wXA-nvv2eIwDYV_zTYUEMRngZUSdLa65rusnkB012V1aPLR2MOAgRyOUO7Z8z8_a8d0u8lj_ANA_D30TX...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDhkMGQxYTItMjJmYi00ODUzLWFjZjQtNzg0YjJmNjgxMWZk&google_push=ASkJ3FY8wXA-nvv2eIwDYV_zTYUEMRngZUSdLa65rusnkB012V1aPLR2MOAgRyOU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDhkMGQxYTItMjJmYi00ODUzLWFjZjQtNzg0YjJmNjgxMWZk&google_push=ASkJ3FY8wXA-nvv2eIwDYV_zTYUEMRngZUSdLa65rusnkB012V1aPLR2MOAgRyOUO7Z8z8_a8d0u8lj_ANA_D30TXJ4emngB6J1oog
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MDhkMGQxYTItMjJmYi00ODUzLWFjZjQtNzg0YjJmNjgxMWZk&google_push=ASkJ3FY8wXA-nvv2eIwDYV_zTYUEMRngZUSdLa65rusnkB012V1aPLR2MOAgRyOUO7Z8z8_a8d0u8lj_ANA_D30TXJ4emngB6J1oog
date
Mon, 12 Dec 2022 14:28:27 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3B66 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IWwSurHBdk1qNSvXU0pynZjlT4K6inWUHuMdAC6q7vGOFKP77OEXPeN9y8i9R_D0skk0I1SA
Requested by
Host: a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
URL: https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
async_usersync
ib.adnxs.com/ Frame 91A0 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:26 GMT
AN-X-Request-Uuid
1602ec4d-7a53-4db1-940a-7404d600b2c2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1BD8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=117597611884616147
0
0
Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1BD8 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.213.162.168 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-162-168.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1BD8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
13.213.162.168 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-162-168.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB
date
Mon, 12 Dec 2022 14:28:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 1BD8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5c6iwADbqhd7AAo
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5c6iwADbqhd7AAo&_test=Y5c6iwADbqhd7AAo
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5c6iwADbqhd7AAo&_test=Y5c6iwADbqhd7AAo
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mel11260-MEL
pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670855308.565504,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5c6iwADbqhd7AAo&_test=Y5c6iwADbqhd7AAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 1BD8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=SWqtnkw4rJ9SP6afHmy5nE869ZBSPPfKGzpxexTa
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=SWqtnkw4rJ9SP6afHmy5nE869ZBSPPfKGzpxexTa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=SWqtnkw4rJ9SP6afHmy5nE869ZBSPPfKGzpxexTa
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 1BD8 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.184.194 -, , ASN (),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 1BD8
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=087b220419f9cd3ff514e707&expiration=[EXPIRATION]
0
0
dcm
s.amazon-adsystem.com/ Frame 1BD8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SV3YGT6A23G1HNN86HAE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RCSJPHT7PNARPM2YHCCN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.servenobid.com/ Frame 1BD8 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y5c6ivAg-JGYThEBey1VrwAAFNkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 2BB0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=3172550417314986&bg=!BgWlBUHNAAYgquz3AKo7ACkAdvg8Wuzphom5IiXMrcPZzSJIsXakzuKt-vduWavyQPtiIhzYaMLHCwIAAABgUgAAAANoAQcKAEuOrocCTcWUoMOousUb7GDJp1v-dH0czER3-7Iq030uvx0G8Y3U8oqfUllT0-t0AXsUsmswxCq_L4LGg3pVlSvcjtCtF-XG5Qnf7t-ZAsnokWzFnQqoJY_9LMAXZ-sn3Mqm3_s6YDozUmLwUT-o1xocjVcV6K-hcVla4BbRBWukCJyOD-VrUdMaPedM2Ze8uvIZrtryOt8kK8ron7WKtOg2juLiRKEnaBB6Y7d8NTRBVoavMrfS91doC_ieFgDKMpJEV3i-cQw4ThuFFr4NiXCQgy4-hnjoyZhXlaqA_fmcGpmSHNY_ZazNmXfyuPixaB0v2LbhtxrGvzfnxONJ5OhbNNmOHmHB3tM3-jUeeKkVGLG6W3byayi8mmHKUAyk_TZ1W1xrqh3QhMJmmwZNyS8F-c5-3xyn2f__iMYwrvhyQLcCmVsn9_4j4owbQrm7RbJw6zTaeUBII3ZWFAkpmcL-qUqeDomcjV9dMkCRvqIN5A3d_PtqehXzCTtjg-Z0EpgUXBYcWH659ty8LOErc4i_mYaUJaZ301AB2E2UcwRLdULwQvvRd7mb1qnRz8wsflNrHd6fhsZIFP52r1ZzjUiES89X-_E1I6IHs1kKRTcyLDYjw4mB9W1zcabucR33EpO7TL1orPuN9zCdshz6YxNT38WAqkdPXwz3vIF8NHPT8EyURwA496R3fcwW_bFCNsUF6Q4tVCnekfCvwGUY_fS-dIgXeqoMLP-qs_ogGMTOcMiRHkmbAe7xptHGUj9_pWKnAefRaJwH7Y4v-RvZqTUSN70Vj-fjTVLbHbscc4wp8DT2pkackp6hPaXtjHNxXAH1zgD_xfbx-fAU1npPKTRS8rmt35ZvJprf1TlHPgaG90_s6jaQe0QhHx7AwQm6aWWuW-ON1bBAILioZ8-81ucfGsJNzJHs-bc9WiLJoOIP8otYKi8x1xCREiznn9pUEVPvlN4IdqPkKmv6e6x1fCLJgI-sxm7b2ujfX4ybiXNXbNExthCt2hX12PqGGIzjBSrCR7_qJLGHDXiSGSGVruZjULc7dNGBvQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 674E 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14530078&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7ef57adb4f771d9cdaade4899b1aed3411c3868ba990d019f2454924ff74c24c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 14:28:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 2764
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhQa8sABTYaB4zCx1e4Ts4J2i8C4eaEFtBw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhQa8sABTYaB4zCx1e4Ts4J2i8C4eaEFtBw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhQa8sABTYaB4zCx1e4Ts4J2i8C4eaEFtBw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 2764 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame 2764
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGv6K5p1rhzOSrK_AMPESNU&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGv6K5p1rhzOSrK_AMPESNU&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGv6K5p1rhzOSrK_AMPESNU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 2764
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 12 Dec 2022 14:28:27 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x16 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Dec 2022 14:28:26 GMT
/
onetag-sys.com/match/ Frame 2764
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LBKW3TQF-1B-HY8J&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LBKW3TQF-1B-HY8J&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LBKW3TQF-1B-HY8J&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
/
onetag-sys.com/match/ Frame 2764
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=117597611884616147
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=117597611884616147
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:27 GMT
AN-X-Request-Uuid
a9d0e07e-3cc6-4734-8083-5685e2013dd5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=117597611884616147
Connection
keep-alive
X-Proxy-Origin
116.90.74.215; 116.90.74.215; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 2764 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=RxzB1r6yjPTXO_nh_IyGTGmpy0UsH3byxxOnHBfI7wY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 2764
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=1635681172013442184
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=1635681172013442184
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=1635681172013442184
date
Mon, 12 Dec 2022 14:28:27 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 2764
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UiACcel3Dqblh3JScc3UJ1z6ezy-OHj3HE9Iv8glx4c
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UiACcel3Dqblh3JScc3UJ1z6ezy-OHj3HE9Iv8glx4c
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F3W3YTY5NR65EM99QX52
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UiACcel3Dqblh3JScc3UJ1z6ezy-OHj3HE9Iv8glx4c
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
x.bidswitch.net/ Frame 2764
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8450273934789490579
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
/
onetag-sys.com/match/ Frame 2764
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-3wWwU_dE2uGKd8BuF4ww6SHlAZq1Ol3S5BWthhE-~A
date
Mon, 12 Dec 2022 14:28:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 2764
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 2764
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=tPPOobGhz6CvpsWg4_Xao7Kjlq-vpZT15qP-JTyY
0
0
sync
ads.servenobid.com/ Frame 2764 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=RxzB1r6yjPTXO_nh_IyGTGmpy0UsH3byxxOnHBfI7wY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
asia.adform.net/csimpr/ Frame 8227 		35 B
493 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/csimpr/?bn=56367621&csi=_0sN9E4y1vINRz8onS7_GocS8Y5JI_5Io-Yc4GmGQEUJDwKV3Zer3EWiW7GtZnrZ8xgKAv_I9cS4if0BvgCpp96vWmW1dlSa0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
11240094.js
s2.adform.net/Banners/Elements/Files/2111416/11240094/ Frame AEFD 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/Banners/Elements/Files/2111416/11240094/11240094.js?ADFassetID=11240094&bv=513
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/fu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.56 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
92c9da93057b0d8a083ebfdc631c02d302f9e465ab7245cdb83618da6292255c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 23:24:14 GMT
server
nginx
x-amz-request-id
tx00000d03b37ab7e9e4027-0063912614-329373d4-default
etag
W/"07edcad23017d33d4435cc70b817c88f"
x-cache-status
MISS, STALE, STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
activeview
pagead2.googlesyndication.com/pcs/ Frame 9523 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5LDitXRpA0oqHVeZyb0d_flCHkZOkhS97yYLjIPjPoGvyvHXOPlytIhlIj1YAQUjXSnIBegM9YLgWODwJT31eKplk&sig=Cg0ArKJSzIBqjItMcSMbEAE&cid=CAASFeRo0QLglkXjKpLxMfEUaIrY0hxdTQ&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670855302959&rpt=3159&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2242 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCJVACdtcRRMlQEwKKDohq8Xuz1TFenISf2VnlQnofH8I9Kszdodg9GGt4yYT_3l41WeOhyE7V523TgGx32n1BrgUH&sig=Cg0ArKJSzM7G6k7B2aIPEAE&cid=CAASFeRolb9LmxpJIMAK-DSswqDrG9qQAg&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670855302963&rpt=3213&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 745C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=117597611884616147
0
0
sync
pool.admedo.com/ Frame 745C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_d96a13a3-1a1e-4752-aa40-1d7cbe5d4132&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=ae11f77e-2cb5-4aa2-8ef9-45f050485375
0
0
sync
sync.srv.stackadapt.com/ Frame 745C 		0
0
23178
stags.bluekai.com/site/ Frame 745C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_d96a13a3-1a1e-4752-aa40-1d7cbe5d4132&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=bTi25SH6UZmOQAI506d0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
0
0
RX-6adccad7-27ff-4625-886f-a470ba92471c-004
sync.targeting.unrulymedia.com/csync/ Frame 745C
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2717262021
  • https://sync.1rx.io/usersync/tradedesk/a8f77359-9db5-4714-9b79-a4238e9812fb
  • https://sync.targeting.unrulymedia.com/csync/RX-6adccad7-27ff-4625-886f-a470ba92471c-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-6adccad7-27ff-4625-886f-a470ba92471c-004
0
0
usersync
usersync.gumgum.com/ Frame 745C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=5tzNNy1jEaYy&ev=1&pid=558355
0
0
redirectObuid
sync.outbrain.com/ Frame 745C 		0
0
usersync
usersync.gumgum.com/ Frame 745C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=f6b12d71-9999-4d78-b665-954705898450
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=f6b12d71-9999-4d78-b665-954705898450
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 12 Dec 2022 14:28:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 12 Dec 2022 14:28:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=f6b12d71-9999-4d78-b665-954705898450
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 745C 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 745C 		0
0
services
sync.technoratimedia.com/ Frame 745C 		0
0
142
match.deepintent.com/usersync/ Frame 745C 		0
0
server_match
ad.360yield.com/ Frame 745C 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 745C 		0
0
sync
ads.servenobid.com/ Frame 745C 		0
0
usync.js
eus.rubiconproject.com/ Frame 235D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
902480d47ecfbc854a0ca98d9a6a1838c87a25a298f62e211891b09ec785c2b0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Dec 2022 05:52:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55443
Connection
keep-alive
Content-Length
10065
Expires
Tue, 13 Dec 2022 05:52:30 GMT
usync.js
eus.rubiconproject.com/ Frame 5279 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
902480d47ecfbc854a0ca98d9a6a1838c87a25a298f62e211891b09ec785c2b0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Dec 2022 05:52:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55443
Connection
keep-alive
Content-Length
10065
Expires
Tue, 13 Dec 2022 05:52:30 GMT
0.gif
id5-sync.com/i/495/ Frame 87DA
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D13 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=161029
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 14:28:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 14 Dec 2022 11:12:16 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0429
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=a8f77359-9db5-4714-9b79-a4238e9812fb
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=a8f77359-9db5-4714-9b79-a4238e9812fb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Dec 2022 14:28:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Mon, 12 Dec 2022 14:28:27 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=a8f77359-9db5-4714-9b79-a4238e9812fb
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 68EE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Dec 2022 14:28:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 12 Dec 2022 14:28:27 GMT
Expires
Mon, 12 Dec 2022 14:28:26 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master nrt-pixel-x18 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame DD1C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5c6iwAADtGUAQAe
  • https://usersync.gumgum.com/usersync?b=atm&i=Y5c6iwAADtGUAQAe&gdpr=0&gdpr_consent=&_test=Y5c6iwAADtGUAQAe
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y5c6iwAADtGUAQAe&gdpr=0&gdpr_consent=&_test=Y5c6iwAADtGUAQAe
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Dec 2022 14:28:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 12 Dec 2022 14:28:27 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y5c6iwAADtGUAQAe&gdpr=0&gdpr_consent=&_test=Y5c6iwAADtGUAQAe
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11260-MEL
x-timer
S1670855308.804494,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame CDB0 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9kOTZhMTNhMy0xYTFlLTQ3NTItYWE0MC0xZDdjYmU1ZDQxMzI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 14:28:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 22AF 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.66.85 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 12 Dec 2022 14:28:28 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame DE4C
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5c6iMCo5s8AADVtRYEAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y5c6iMCo5s8AADVtRYEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Dec 2022 14:28:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 12 Dec 2022 14:28:27 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y5c6iMCo5s8AADVtRYEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40245.dc2p.scaleout.jp
X-SO-IP
116.90.74.215
X-SO-Key
Y5c6iMCo5s8AADVtRYEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.215","key":"Y5c6iMCo5s8AADVtRYEAAAAA","privacy_sensitive":false,"uid":"Y5c6iMCo5s8AADVtRYEAAAAA","upstream_id":"a-ad40245"}
X-SO-LB-Hostname
a-tgng40011.dc2p.scaleout.jp
X-SO-UID
Y5c6iMCo5s8AADVtRYEAAAAA
X-SO-Upstream-ID
a-ad40245
usersync
usersync.gumgum.com/ Frame 7A30
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5c6ivAg.JGYThEBey1VrwAA%265337
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y5c6ivAg.JGYThEBey1VrwAA%265337
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 12 Dec 2022 14:28:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778725873e9e1c58-AKL
content-length
0
date
Mon, 12 Dec 2022 14:28:27 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y5c6ivAg.JGYThEBey1VrwAA%265337
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSLe434VpchnbiCObEpJ8602dj9CEqpWjj11stug164QyvcEn42uBWvdc5f2TqhTVsdTYai1LlcJbsW8LQ9dTLgJ436NHj%2FcmGHFN%2FuxpLqvPSozmGhmG6qnlmtHQoQMUnc%2FPxRDgObA2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm-notify
creativecdn.com/ Frame 89E8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
0
0
usync.html
eus.rubiconproject.com/ Frame 33DB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Dec 2022 14:28:27 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 12 Dec 2022 14:28:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
match
c1.adform.net/serving/cookie/ Frame 5CE9 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=66FC608F-1C59-4390-8B86-F9C026A2BD5B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 12 Dec 2022 14:28:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame FF5F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
42 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 14:28:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 12 Dec 2022 14:28:27 GMT
Expires
Mon, 12 Dec 2022 14:28:26 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master nrt-pixel-x14 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eafc6397-3a8a-4d00-9076-f9217c251418&gdpr=0&gdpr_consent=
sync
x.bidswitch.net/ Frame 533A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5c6iwADeV6QWQAp&gdpr=0&gdpr_consent=&_test=Y5c6iwADeV6QWQAp
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
sync
x.bidswitch.net/ Frame B2EB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=117597611884616147&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 38EC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KoDSnS_S05wx1dmcfYbGnyzQipMx1ojJeNCjcDSk
42 B
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KoDSnS_S05wx1dmcfYbGnyzQipMx1ojJeNCjcDSk
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 14:28:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 12 Dec 2022 14:28:27 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KoDSnS_S05wx1dmcfYbGnyzQipMx1ojJeNCjcDSk
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
sync
ads.servenobid.com/ Frame A3C9 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=66FC608F-1C59-4390-8B86-F9C026A2BD5B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 12 Dec 2022 14:28:27 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 674E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZvxgjxxZQ5CLhvnAJqK9Ww%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
184.51.240.213 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
date
Mon, 12 Dec 2022 14:28:27 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=161029
accept-ranges
bytes
content-length
5549
expires
Wed, 14 Dec 2022 11:12:16 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 674E
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=66FC608F-1C59-4390-8B86-F9C026A2BD5B
  • https://pippio.com/api/sync?pid=5324&it=1&iv=1d6b8db7bbd82361fa59b0141d4c6347ec03bd3eaafa156d92ca534052750685791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxZDZiOGRiN2JiZDgyMzYxZmE1OWIwMTQxZDRjNjM0N2VjMDNiZDNlYWFmYTE1NmQ5MmNhNTM0MDUyNzUwNjg1NzkxNDI2YjU...
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 674E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=eafc6397-3a8a-4d00-9076-f9217c251418
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=eafc6397-3a8a-4d00-9076-f9217c251418
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 12 Dec 2022 14:28:27 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x9 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=eafc6397-3a8a-4d00-9076-f9217c251418
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Dec 2022 14:28:26 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 674E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjZGQzYwOEYtMUM1OS00MzkwLThCODYtRjlDMDI2QTJCRDVC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 674E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECQx6nophEJskcXD5YAXbKs&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
pubmatic
um.simpli.fi/ Frame 674E 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 11 Dec 2022 14:28:27 GMT
66FC608F-1C59-4390-8B86-F9C026A2BD5B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 674E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/66FC608F-1C59-4390-8B86-F9C026A2BD5B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.213.162.168 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-162-168.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 674E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
42 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 12 Dec 2022 14:28:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a8f77359-9db5-4714-9b79-a4238e9812fb&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 674E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=66FC608F-1C59-4390-8B86-F9C026A2BD5B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-75GlkqdE2uWNNQ5.HhbsSjadEMkwI7I-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-75GlkqdE2uWNNQ5.HhbsSjadEMkwI7I-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-75GlkqdE2uWNNQ5.HhbsSjadEMkwI7I-~A&gdpr=0&gdpr_consent=
date
Mon, 12 Dec 2022 14:28:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Adform.DHTML.js
s2.adform.net/banners/scripts/rmb/ Frame AEFD 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.56 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000365b9e4a987c9c16-006376616c-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT, HIT, HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
createjs.min.js
code.createjs.com/1.0.0/ Frame AEFD 		125 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
42.99.140.26 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:28 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:43:28 GMT
css
fonts.googleapis.com/ Frame AEFD 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:600&subset=latin
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.95 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
a12f64cad3e3b6dbad5d094c5ec316e18b64cbab9b4a1481e46d0afe4d707110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Dec 2022 14:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 14:28:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Dec 2022 14:28:28 GMT
index.js
s2.adform.net/Banners/Elements/Files/2111416/11240094/bvpath_513/ Frame AEFD 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/Banners/Elements/Files/2111416/11240094/bvpath_513/index.js
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.225/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.56 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c6b3460ad383d9551b877f82f2a510ed6189686e4a03bb45d1edd8bd7f377efd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
content-encoding
gzip
last-modified
Sat, 28 May 2022 23:24:14 GMT
server
nginx
x-amz-request-id
tx00000ab3d4a8bdcdfed4e-0063912615-329373d4-default
etag
W/"d35f7e4bdf8ea534fb9a477c4fd139b5"
x-cache-status
MISS, STALE, STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
sync
ads.servenobid.com/ Frame F348 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=YovpDaxtk_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 640F 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=9067147300553876481&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 14:28:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 640F
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=31356468e78cb08a7c7660e1ecd0fc93&gdpr=0&gdpr_consent=0
0
0
get
a.audrte.com/ Frame 640F 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 640F
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=08d0d1a2-22fb-4853-acf4-784b2f6811fd&gdpr=0
0
0
/
rtb-csync.smartadserver.com/redir/ Frame 640F
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=0ee390ef
0
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 235D 		0
0
cksync.php
contextual.media.net/ Frame 5279
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LBKW3TQF-1B-HY8J
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBKW3TQF-1B-HY8J
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBKW3TQF-1B-HY8J
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.58.140.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-140-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 12 Dec 2022 14:28:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 12 Dec 2022 14:28:28 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LBKW3TQF-1B-HY8J
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
usync.js
eus.rubiconproject.com/ Frame 33DB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
902480d47ecfbc854a0ca98d9a6a1838c87a25a298f62e211891b09ec785c2b0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 14:28:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Dec 2022 05:52:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55442
Connection
keep-alive
Content-Length
10065
Expires
Tue, 13 Dec 2022 05:52:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8227 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxFgbyQi-DHDJjIyGzIYrIgDB36jIPhtXicEd7KtNyfsTmnxhDnHyYWwnCFCM-GtDVbkjRSxTkv0u6dYIq-o48XNQb&sig=Cg0ArKJSzBaD7xSbpZd0EAE&cid=CAASFeRoeUzJ-Q8rlE_9Ig37yC40udwOQg&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670855302955&rpt=4142&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 14:28:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 33DB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LBKW3TQF-1B-HY8J
  • https://usersync.gumgum.com/usersync?b=mag&i=LBKW3TQF-1B-HY8J
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-6adccad7-27ff-4625-886f-a470ba92471c-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-6adccad7-27ff-4625-886f-a470ba92471c-004
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=SqCuI-akEWQDToiD8uvb&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKTOFBXKSJNMFVUKV2RIRKG62KEHB2XMYRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDQNJVGMYDMMBTGMZTCMZYGU3DSMBVG42DINJVG4ZTAMBQKYYTAJTWONUWIPJTGEZTQNJWHEYDKNZUGQ2TKNZTGAYDAVRRGA
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3138569057445573000V10
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522801271569356404&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xPd8MEGnRt2kF48XwR-X5g
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=FzdkDRZH6wcc7iM_Sd6UxzWf
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-6adccad7-27ff-4625-886f-a470ba92471c-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-6adccad7-27ff-4625-886f-a470ba92471c-004
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zNDM1OTk2OC1mYzRiLTNmZGYtYTBjZi1iY2RlNWE2ODAwOTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0zNDM1OTk2OC1mYzRiLTNmZGYtYTBjZi1iY2RlNWE2ODAwOTYyAhIaOAE=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5c6ivAg.JGYThEBey1VrwAA
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=vgCwqD3o_-OIq-mvSePz&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD25THIN3XCRBTN5PS2T2JOEWW25STMVIHU
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=087b220419d19e55720d8df9&expiration=[EXPIRATION]
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=117597611884616147
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=087b220419f9cd3ff514e707&expiration=[EXPIRATION]
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=tPPOobGhz6CvpsWg4_Xao7Kjlq-vpZT15qP-JTyY
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=117597611884616147
Domain
pool.admedo.com
URL
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=ae11f77e-2cb5-4aa2-8ef9-45f050485375
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=bTi25SH6UZmOQAI506d0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YSUNEZDKU2IGZKVU3KPKFAUSNJQGZSDAJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-6adccad7-27ff-4625-886f-a470ba92471c-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-6adccad7-27ff-4625-886f-a470ba92471c-004
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=pln&i=5tzNNy1jEaYy&ev=1&pid=558355
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=a_d96a13a3-1a1e-4752-aa40-1d7cbe5d4132
Domain
id5-sync.com
URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxZDZiOGRiN2JiZDgyMzYxZmE1OWIwMTQxZDRjNjM0N2VjMDNiZDNlYWFmYTE1NmQ5MmNhNTM0MDUyNzUwNjg1NzkxNDI2YjU0MTdkY2UyMRAAGgwIjPXcnAYSBAgCEABCAEoA
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=31356468e78cb08a7c7660e1ecd0fc93&gdpr=0&gdpr_consent=0
Domain
a.audrte.com
URL
https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=08d0d1a2-22fb-4853-acf4-784b2f6811fd&gdpr=0
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=0ee390ef
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LBKW3TQF-1B-HY8J
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mag&i=LBKW3TQF-1B-HY8J

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontentvisibilityautostatechange object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString object| adRecover function| setImmediate function| clearImmediate object| google_reactive_ads_global_state number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck object| google_ad_modifications number| google_global_correlator object| google_prev_clients string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| _qevents object| ggeac object| google_tag_data object| google_js_reporting_queue object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions undefined| google_measure_js_timing boolean| descriptionPage object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| dataLayer function| gtag object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_tag_manager function| onYouTubeIframeAPIReady

63 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQj9bytdAwCgoIgQIQj9bytdAwCgoI4gEQj9bytdAwCgoI5gEQj9bytdAwCgoIhwIQj9bytdAwCgkICRCP1vK10DAKCQg6EI_W8rXQMAoKCIwCEI_W8rXQMAoJCF8Qj9bytdAwCgkIHxCP1vK10DA=
.aralego.com/ Name: sspid
Value: be43096d-9c5a-3c99-8b14-f629d4de969a
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: e1373f09-0985-46ef-ad08-6ceb266a7a95
.bg3.co/ Name: __gpi
Value: UID=000008d01d62087d:T=1670855299:RT=1670855299:S=ALNI_MacX9imv188-3eH-8RdEPUHMjeUzA
.doubleclick.net/ Name: IDE
Value: AHWqTUlUpMRb2HVsGetRtSJzTJ5nTsG_cznDenxXfb7EaKkfIK4RQKoaa95TkFIslI4
.adpushup.com/ Name: ap_uid
Value: 39582840-7a29-11ed-95db-00224856cf1a
.adpushup.com/ Name: ap_usid
Value: 39582841-7a29-11ed-95db-00224856cf1a
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: d220b658-180b-4ad9-8bc8-4d42a9feb6eb
.openx.net/ Name: i
Value: d220b658-180b-4ad9-8bc8-4d42a9feb6eb|1670855300
.omnitagjs.com/ Name: ayl_visitor
Value: 31356468e78cb08a7c7660e1ecd0fc93
.rubiconproject.com/ Name: khaos
Value: LBKW3TQF-1B-HY8J
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJ+JwFntYNXdXXrd8oPN4aCalRqwzkbWJn20dtx1cp3EC5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.teads.tv/ Name: tt_viewer
Value: fe6a591a-f6ef-4538-b83a-3942d66bfd8b
.bg3.co/ Name: __gads
Value: ID=a0f658701c7d2ead-220a0509d5d800fa:T=1670855299:S=ALNI_MZpMOaBdMlMniXDJBO3SYxK6_7qVg
.quantserve.com/ Name: mc
Value: 63973a86-f26a5-50ca9-eccdc
.bg3.co/ Name: __qca
Value: P0-154517067-1670855300817
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1670855304.1.0.1670855304.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1952779668.1670855302
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.c.appier.net/ Name: _auid
Value: JjV1M2l-AC-thwmGiDqXYw
.c.appier.net/ Name: _gu
Value: CAESEH4noBmwaOxX-gFUEZODSHQ
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 66FC608F-1C59-4390-8B86-F9C026A2BD5B
.uncn.jp/ Name: t
Value: v_3f22b50a-53ea-43f0-8b60-4a21e487b5d2
.socdm.com/ Name: SOC
Value: Y5c6iMCo5s8AADVtRYEAAAAA
.uuidksinc.net/ Name: jcsuuid
Value: XBLqQLRwrh3D2oqnBXy8
.yahoo.com/ Name: A3
Value: d=AQABBIg6l2MCEG7U2Rl6RatjPWV7qdbJOlAFEgEBAQGMmGOhYwAAAAAA_eMAAA&S=AQAAAl838Sk-xLOoT_yXIRRzjMw
.adform.net/ Name: uid
Value: 8450273934789490579
.tribalfusion.com/ Name: ANON_ID
Value: awntmIyOZbSEoJTyBqKeEDldYMxmFTKHY9Hoqa2aVcQwYbnSVwWrWUOBrgc3lfFSB17NHDd1cYHSeZcbPLFfZa0Zbke9
.yieldmo.com/ Name: yieldmo_id
Value: ga976bc9d7beaf32582b%7C1670855305026%7C0%7C
.simpli.fi/ Name: suid
Value: A8AFE4979E8142898A58F6FD1535CA71
.media.net/ Name: visitor-id
Value: 3138569057445573000V10
.media.net/ Name: data-g
Value: CAESEHee-oaf6aA_2plzFFLURkg~~3
.openx.net/ Name: pd
Value: v2|1670855305|jElYiuvOiahI
.yandex.ru/ Name: yuidss
Value: 963914761670855305
.yandex.ru/ Name: yandexuid
Value: 963914761670855305
.onetag-sys.com/ Name: OTP
Value: RxzB1r6yjPTXO_nh_IyGTGmpy0UsH3byxxOnHBfI7wY
.adsrvr.org/ Name: TDID
Value: a8f77359-9db5-4714-9b79-a4238e9812fb
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%223cccda93-e937-4632-9b7a-d0fb9a8f3cc6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-12T14%3A28%3A25%22%7D
.3lift.com/ Name: tluid
Value: 2754502568621957786933
.openx.net/ Name: univ_id
Value: 537072971|a8f77359-9db5-4714-9b79-a4238e9812fb|1670855305948785
.casalemedia.com/ Name: CMID
Value: Y5c6ivAg.JGYThEBey1VrwAA
.casalemedia.com/ Name: CMPS
Value: 5337
.casalemedia.com/ Name: CMPRO
Value: 5337
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY3MDg1NTMwNn0
.rlcdn.com/ Name: rlas3
Value: ACDIhqiz5LMeCp83n5cf4FTKpdfTY80HX8qM+BBSNEc=
.rlcdn.com/ Name: pxrc
Value: CAA=
.ladsp.com/ Name: cr
Value: 1
.adnxs.com/ Name: uuid2
Value: 117597611884616147
.adform.net/ Name: TPC
Value: 1670855306298
.media.net/ Name: data-a
Value: 117597611884616147~~8
.ladsp.com/ Name: smn_uid
Value: qGWNwuOlCKir3gan3RGdgA8cFMipPb4
.ladsp.com/ Name: lum
Value: CN_Z8rXQMBIFCAMQ0AU
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCIyr05_lla47EAUSFgoHcnViaWNvbhILCLC076Llla47EAUYASACKAIyCwiMo9bM-5WuOxAFOAFaB3N2eDl0NTBgAg..
.mathtag.com/ Name: uuid
Value: eafc6397-3a8a-4d00-9076-f9217c251418
.bg3.co/ Name: cto_bundle
Value: ZKPm019XT1Z4b0lqbE40dVElMkZaWktVMnpwcFVESDFqYXI5VnFlTkQ2SEZMVkxvamxOR3lucndCY09JUDRpWmlBUzBLWEtsMWtVMnlxdXgyJTJGbkJhdWJTT2R6bkl4MiUyRnM0S0hrJTJGakJxakgxZDZPQ1JNJTNE
.bg3.co/ Name: cto_bidid
Value: eP7mOl9aQWZNYVNTRUlvVWNudU5oYlkxVHYlMkZXSTRiaTEzd0ZseUhUYVJiSm1DdEt5dzBuMDgxcnlmd1plMFd5QjVrT0l1TTVZMUpxQk1DSW5BNjdSVkpvRERRJTNEJTNE
.casalemedia.com/ Name: CMTS
Value: 4821
.media.net/ Name: data-o
Value: c9a0e09e-1a8c-4fce-b251-fbc47f3617ca~~8
.criteo.com/ Name: uid
Value: d8b1dc40-f93e-47f9-8110-eee8d04156f2

17 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/ea742c87b706b9a4024f94e70c03cad5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/e555540b83bd59710088ce7589a20300.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/c42a59e20f7550982a33e981bc27eb55.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/883629ff47866b7825d16be4d5940824.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/de296fa30694f80b8bfd1b3d35f978d7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/416d19f5c16e0d9f5bdb880964ce8611.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/ba930db0a1bbc624680a08cf0331e2a6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/493708045b2472b42b0a71e9ab553565.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202107/42012131453261223f9707b69ef8e941.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/7b786e34d19afadb0dab40df0f99234a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/efb15eac2921868ca99e138343e27ea1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202109/737bf281f0301eb5f4efc08d28100af2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/f2a28ac34330bc40e3282585ecef241b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/4662f13ca7dc0ea266ea5a1f78c22362.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/76f7162d796c184607a078b395be3868.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670855297&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ffu-wu-yi-xun-yi-qing-qi-yuan-who-zhao-dao-zhong-da-xian-suo-liao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670855296432&bpp=18&bdt=2046&idt=1387&shv=r20221206&mjsv=m202211300101&ptt=5&saldr=sa&correlator=3928080773682&frm=23&ife=1&pv=2&ga_vid=596370892.1670855298&ga_sid=1670855298&ga_hid=744263272&ga_fc=0&ga_cid=amp-heprdNQx8f6KCm-zEtg9yg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1828&biw=1600&bih=1200&isw=336&ish=280&ifk=2011414921&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071113%2C31071267&oid=2&pvsid=1346008572914845&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vc5dpnc3umc0&btvi=1&fsb=1&dtd=1406
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvZnUtd3UteWkteHVuLXlpLXFpbmctcWkteXVhbi13aG8temhhby1kYW8temhvbmctZGEteGlhbi1zdW8tbGlhby5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20789ff2abd6e4806ce45b4b74e8b227.safeframe.googlesyndication.com
a.audrte.com
a.c.appier.net
a.teads.tv
a.tribalfusion.com
a1523b9141f52da5d1aef5796faae0a9.safeframe.googlesyndication.com
a3e8e10513136cfdbe68cfa214ef96ad.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
an.yandex.ru
ap.lijit.com
asia.adform.net
b1-sindc1.zemanta.com
b1t-sindc1.zemanta.com
bidder.criteo.com
c.bing.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
d-1273038416797963012.ampproject.net
d.adroll.com
delivery.adrecover.com
dis.criteo.com
ds.uncn.jp
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
g2.gumgum.com
gdn.socdm.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s2.adform.net
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.aralego.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
widgets.outbrain.com
widgets.zemanta.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
y.one.impact-ad.jp
zem.outbrainimg.com
a.audrte.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.servenobid.com
cm.g.doubleclick.net
creativecdn.com
dsum-sec.casalemedia.com
id5-sync.com
image8.pubmatic.com
match.deepintent.com
pixel-us-east.rubiconproject.com
pixel.tapad.com
pool.admedo.com
pr-bh.ybp.yahoo.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
ssbsync.smartadserver.com
stags.bluekai.com
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
usersync.gumgum.com
x.bidswitch.net
103.229.10.211
103.229.205.243
103.231.98.194
103.254.153.160
104.16.88.20
104.17.24.14
104.18.24.173
104.18.36.94
104.18.99.194
104.254.151.68
124.146.215.4
13.107.21.200
13.107.42.14
13.213.162.168
13.229.2.58
13.33.33.43
13.33.88.101
13.33.88.20
13.33.88.73
13.76.45.37
139.5.84.243
139.99.49.250
142.250.4.102
142.250.4.106
142.250.4.132
142.250.4.156
142.251.12.154
142.251.12.157
145.40.88.5
151.101.129.108
151.101.194.49
151.101.2.132
152.199.39.108
172.104.45.159
172.217.194.154
172.64.151.162
172.64.154.237
172.67.71.254
172.67.72.16
18.138.91.242
18.176.78.48
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.51.240.213
184.51.241.105
185.84.60.30
185.84.60.56
198.8.71.131
199.232.46.132
202.241.208.57
209.191.163.208
213.180.204.90
23.106.127.38
23.106.127.39
23.108.101.160
23.58.140.24
23.58.141.50
23.75.85.227
23.76.212.194
3.1.184.194
31.220.27.155
34.107.148.139
34.142.175.23
34.98.64.218
35.190.60.146
35.213.109.249
35.213.117.18
35.213.12.39
35.244.159.8
35.71.131.137
35.82.246.6
42.99.140.144
42.99.140.161
42.99.140.26
50.116.239.135
52.221.131.47
52.221.146.18
52.223.2.229
52.30.129.185
52.45.175.185
52.46.151.131
52.74.162.2
52.84.45.81
54.164.66.85
54.178.188.214
54.199.211.51
54.238.120.71
64.120.88.131
67.199.150.81
67.199.150.82
67.199.150.85
67.199.150.86
69.16.175.42
69.173.144.138
69.173.158.64
69.173.158.65
74.125.200.156
74.125.200.94
74.125.200.95
74.125.24.132
74.125.24.155
74.125.24.156
74.125.24.97
74.125.68.157
84.17.37.44
96.17.188.24
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
032763c1c9bf9af9c38f12252fe38e2dd21c7e8cc4ca4b7b040c25f4f0de8ad9
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
0386e6cb985cea5204d7c7a6ac9257953c5db5b0572bd2263e33ebb472927716
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05934d7b0fef3ada823d64f6825db606b9f186585e766053ebb43060cbc0d09c
07df915eecf7938b5554497a4a5095bcb62603976bbee787ba56b4426365f045
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ca0f62724afd700aad5dd81d4065f4afafcfa3fdee9fb3784ce3b78adae7779
0efe5a2440bc8207ce66ffdef2f4f59e6cdbcf0b02da8ebd623df6e8344167d3
0f551648a712ba99175ed761c9b3d4700c290e18febcb48c8351b9a5b6cc9759
0fe25e11cf66e27cbd81c5224de3ce4679885baf5c0b9fc4e6adb7c969a28316
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
116d4ec945711ee5b7444c0bc4f78e93af4b4519adfff64b73d6cc7acf1f6ab1
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
14e4b82e72ca592dcccfa168d05bf08639a47b493674555dd10d647428912843
15f1b58ead79c83219c0f09582b331fb46234a195d3f07716d56da237fa93638
160a0ae1429f0dc06b33c95765a37fa96bc032e333fb6ad6327da181e730af8b
179b5d27132a82d24c347051513936d5c49a2df17c6cc3444aae986096d170e6
17a21bf823d514346166fbfc1673889f0614f6021ce8318ddc776b633c023507
180899d51c0ca22cbeb1a9c18501a5e3c34043b9b0a07a9b19ec683e5ab0aeff
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18eaab1a1f41857fe66d742f192fe48bd6761747df97d53491c48a61cfe4cc0a
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1bc1467412d0d8003c61ee7a03080fdabc5d549981fc94ab48c31786d41200ae
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e5edc902cbde58b027562bab0c91259272b9ec1b2641c4a0020a5c4c1b69728
1fd04e9e9a5040fb56563e373d46099639ec19bbae27e1c7c519324c441c9eeb
20660d97bce81dee2c4c7aff50dbba6c10e57942e7c33a12b03aa75f098c3b08
21295c187205746a49fa6654b6bff00a75127e2c58d51a5432802c03ec09632b
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2a125400bb746edadd9b32ee20a91e018b87d7586879f9c386858d26cb6d3e1a
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d49496149f30d049fcc35692756f87b88523268998d633826088960811a5212
2df481fc955f524aa224caa4443d7348037f16447f63209b86ed5f43e2d61ca1
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35fe2714ccde61e15f0a7852ab9b333ac47361a8470994da3855d2cdad8ca05c
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
38699d129a523f13737145cdae16928a789fbc5a3398c6107f133f133a39d080
3b2d5da22437f8bf5796d57c4a4dcf018773e5a48c8885671c810149777d7b42
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ea7c115e03fd3406a12df2dea6c5eda586e885d731f6ea09a9b8754a1f881cf
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
421e1e950e8d7b4229c381f25e04791f9c6d2d76a291db0627004b381a37f3c1
427917023533672070815d6d87beab06005f42bfed7cb112ed69d9355436cdbe
42d42afbed51d06beb9e4ab3e0c12d3c6c0933e5a1410b3ef94ce6ee0077cde7
43ede94b0cc7dd8b2e3a22b8171332baaa72d694d355ccaa506103338b7d3c15
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fd03ad0e7c040579da228f8f3fb42d3f001bba54b18b191129c1e28426809d
4815b2641e793381617f60dea9a1f28aa4a1a27d12f1fc3214c057ea08fb7152
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5faf9fe073ac81c10c229dccf3deca39d02f9869eac293777ca1942bc20f55
4d627cc10e488ac8a04a23a25aeff82bbcafbc1d3867ff1a916831e860f427c3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516726fc94923667f20e390b20e086383094f4e9070f9852b2695a49b89a2922
5476599dfec66400431c1735e26f7ac6272248349156ddd6a5d3f7dbe2443e03
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
57d4523b3246a3610a87f14af4cae347c5eb0d76b1bac944766bb9ffc3ac5b21
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6239bb438194e1e2276e6c70c7297c23cc185667ceff238681c01c325e77604e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
675b80ab9bb9a8e0acd2b3433a16cba29c95d38494916f563770e7375b73b9cf
69a641f3e5761039151d8b224300b1789dd9077dd2ac347cfa25179ff6285de5
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a9414baa5c5b9c250487e0c806a08c69ff92914382db9f03bfde147c8bcc3a0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
708e62ac096a55b6b6018b0189b9dc1bbd8130d356d540c3c00a7d2b87bb2ca9
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73761714541df3d1ab550de43c590774bb5f2b2b61a47f1d1ca26cdfd548947a
75cbae1b4b979d7cbd3221a5379672c4ddd67f1d2470ca776efed180d0375e96
7b2da9d190197859458cadc1b767940660442a3751ef215bfe6d362a06feb51d
7d76898d3055b34b5c8e52713373c018d917da72f1a858d8d2aae482bd8ce84a
7ef57adb4f771d9cdaade4899b1aed3411c3868ba990d019f2454924ff74c24c
7f2ddf88e0baf7c39f74a0c6dd396b8e611bc18c18c3d0cb179f579ec56cd2f7
802a61c6dd1783d38b7ed0cb19637dab75797cdcd8902c3b291d8f5fd374fa45
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8446cd29c8c42825dba51a9fce9cd24e34923d54b6d395853eb4a3b54c691131
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
853791586b98204d9dd999cc8e57fc18b18c7f8394b8f1865a47fd361c1e4ca5
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
877867e00430940d315048a852e94d02574bcf6be9bca197a14f30427323667a
8952b61c840104e3708168b5f136dc96715ca5b4330d7a788d42d8a5d4b00793
8b1719d28e80205c8ce4ec2285a705276ff3bd6c2e6ba01ecb73d0a4f77b94a9
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f020d78a98d87a0c9e91cc4fd4cfa00128a0b716aa3ae48da1958c55ad222fb
8fb5d8c26e3a69372525ec22d115985c1a7e43af590fe126680c0f4bc664258d
902480d47ecfbc854a0ca98d9a6a1838c87a25a298f62e211891b09ec785c2b0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91487fed3c54d93da8312a25d66b1628f518c3bf77d69bccf633345170be06ed
92428f21714c24954dd3f316cca4362f16a7b7910f63ed5bd79ce597d0611c70
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92c9da93057b0d8a083ebfdc631c02d302f9e465ab7245cdb83618da6292255c
9358740368550deef62e86024d058cf26bc49c63c27bcdb0e3ea5eb80b4e7346
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
96239166fb50b39dc6f5562bde04faf124072afd37ac4a195baac2bb0bca607c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a12f64cad3e3b6dbad5d094c5ec316e18b64cbab9b4a1481e46d0afe4d707110
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3b8559f9264e5006e9d8e0d80287a4c439dcc84a5e1c61de43cb3d004bd4bb9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
ab351037f6fb3fc2bce4775994735479f0982083cf57e77c8ee0557ace7cb06b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b06037439c7a4801d4cf93324ec1bcb26534f485b145d2a8ca334d61c7fff00d
b14304e8831ec1adc7a05e2fe7125c8669f41448479e7d910142863522c119a6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17c983a08120b50fc7a1b16c9c909983790ba35642223aa24c9188c5c26db4e
b317883273c6b5b5ac13ee341696d72eb5b2996d22d027f999d6cfb963e5b390
b396002a752cafc6957dca3dc447ccc045d5447ea8c21c9dec482ce39a7bf532
b58432b2486b3cfae1052cdf3e26f9c9efac4be3a0d0961a775468acc1e30d28
b6a02d06201a3c597a748a914098890a059972a28df25aece2810c7ddba779e1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf6f60a055b019602629d95982d61eced679e3cbde3e55c32dce65f1342f1578
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d5433298df9a32c8a53ddba38c14ad17bfbfa86f28d4619fe8f092bf4f62d0
c4b9bdabb1ffa597eae9b9d56c6f0d963b6ba9644c10341cb47df1a083a3b77c
c6b3460ad383d9551b877f82f2a510ed6189686e4a03bb45d1edd8bd7f377efd
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce177dd779f8f6e3ddd7ae34e64d9dfa57987378fbbc949ffaa9a2f2a11e0c0f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d178c910d1c0edc8c52b6fb0cfebaf5f917cecb0d527168420382827724f5f53
d42b8d678031d9d6ee15d5b554f41a4047c1d3b608584afc8c6e639e7e3f46bc
d7b90c8f0eb030c74b9d8eeba0f9b11a9420e00a7dac6047d944147bb6a9131b
dbb0454eb7b13da25392eb02e3a9f00a472ffc936d5a1cf13005d745bb8fdd2d
dcead546971cf118bd68d7d94f515c340e50e1ec108a36ac0ec8dba71236aa28
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfc1ae905584b3fe8354704d515e61dc46633c8c336bd03ca8cc6e5a9ee827eb
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b035eab1b53feab6435f7380e20c8a03863ea6f8691ee1ad122926963472e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45932891062de514a6738f4c3be3b2d9ac0c79efe98ceba9674c773b1573f37
e54506417eab0d5934dbf0943c57131ecb2456eb6e9e8f25ac6496c922d687e6
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5df4b3cedd222a9c3de185ca9931e11fffcfadca6834a69df05c3120f48cd8a
e63f5110a386ba1fb6a1c43392d8bd6eb1f4d551af4dcfb878eb2c01879c3bb0
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9
e6cb1293dd91b2446f363ff95710128ae90197d33cb70bbc70b35f7609d4b267
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e83aec45bce795d32a9aacf90821dbb34a685f301748b783b6809fb5b419b60f
eaaefaca19e89e915092c5ae4c6560f4657d323e594b612d133e36143921f53a
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
eb3eceb1888cdd2026aee6163619df164d69728a40fd2085033b4b8d55999291
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
eea7f2becc647238abd72cc42f3f1892bc2a2204136bc0d4b989ebd8c13a0dda
eebdbde64fba2fb474ca576d5fd08cbe0ba748975abb4e6efc2ec6b173682a55
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b1394c266679234f8815d286939c77adabf3f435cdf5abd572df9279c8625f
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
f3d4b2a80907ad24b9431ccdda34f9898f907513da1033fcbb19efca0a1ab2f5
f654e5e0f1e92a21012fb0f8b1ab6f25cfdbc680ace76a0631a0d96e50101466
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fe8a2106cf458273ad91eff023281df88e9b25dac717745ff4ca53bb20d90952
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff727cf64ebaccfe474755d03bbc568af4549583843966db649f462c09664b15
ff9144c3da5d52934c82d7a49997bf685724e98998365d1487de537d0291847b