urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Submission: On November 16 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 10 countries across 101 domains to perform 557 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 99821.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
20 142.251.12.132 15169 (GOOGLE)
1 6 209.58.188.181 133752 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
23 104.26.2.91 13335 (CLOUDFLAR...)
27 74.125.24.154 15169 (GOOGLE)
2 69.16.175.10 20446 (STACKPATH...)
20 13.33.33.38 16509 (AMAZON-02)
19 172.217.194.157 15169 (GOOGLE)
2 74.125.24.97 15169 (GOOGLE)
3 216.239.36.178 15169 (GOOGLE)
1 172.217.194.94 15169 (GOOGLE)
2 34.95.67.231 396982 (GOOGLE-CL...)
11 203.75.214.136 3462 (HINET Dat...)
2 4 35.201.76.93 15169 (GOOGLE)
2 18.155.68.93 16509 (AMAZON-02)
6 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
5 142.250.4.157 15169 (GOOGLE)
5 142.251.12.156 15169 (GOOGLE)
2 18.179.87.8 16509 (AMAZON-02)
32 182.161.73.129 55569 (CRITEO-AS...)
2 34.117.219.39 396982 (GOOGLE-CL...)
2 103.132.192.30 138552 (RTBHOUSE-...)
4 210.59.219.181 3462 (HINET Dat...)
8 16 34.96.119.68 396982 (GOOGLE-CL...)
8 8 139.162.40.113 63949 (LINODE-AP...)
9 182.161.73.145 55569 (CRITEO-AS...)
2 4 103.229.10.171 16509 (AMAZON-02)
25 172.217.194.132 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
11 34.246.45.103 16509 (AMAZON-02)
1 23.195.153.54 16625 (AKAMAI-AS)
1 52.77.135.113 16509 (AMAZON-02)
4 19 51.79.234.101 16276 (OVH)
1 35.213.117.18 15169 (GOOGLE)
8 34.98.64.218 396982 (GOOGLE-CL...)
7 10 68.67.161.182 29990 (ASN-APPNEX)
1 2 145.40.89.200 54825 (PACKET)
3 52.196.5.119 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 172.64.154.237 13335 (CLOUDFLAR...)
1 13.33.33.78 16509 (AMAZON-02)
9 142.250.4.104 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
2 74.125.24.156 15169 (GOOGLE)
3 20.212.157.225 8075 (MICROSOFT...)
4 182.161.74.19 55569 (CRITEO-AS...)
4 182.161.73.148 55569 (CRITEO-AS...)
4 142.251.10.156 15169 (GOOGLE)
2 2 34.83.125.63 396982 (GOOGLE-CL...)
12 49 142.251.12.155 15169 (GOOGLE)
12 13 35.71.131.137 16509 (AMAZON-02)
2 2 35.186.193.173 15169 (GOOGLE)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 1 35.74.84.83 16509 (AMAZON-02)
2 2 68.67.178.10 29990 (ASN-APPNEX)
6 8 35.213.12.39 15169 (GOOGLE)
8 8 103.229.206.240 30419 (MEDIAMATH...)
1 202.233.84.1 131957 (MICROAD M...)
2 2 31.220.27.135 39572 (ADVANCEDH...)
2 2 202.241.208.100 4694 (IDCF IDC ...)
4 4 174.137.133.49 27257 (WEBAIR-IN...)
8 9 52.74.13.196 16509 (AMAZON-02)
2 2 202.131.200.84 17941 (BIT-ISLE ...)
2 3 67.199.150.81 62713 (AS-PUBMATIC)
1 1 150.95.47.242 7506 (INTERQ GM...)
1 1 52.45.175.185 14618 (AMAZON-AES)
1 183.79.249.252 24572 (YAHOO-JP-...)
2 2 64.74.236.63 22075 (AS-OUTBRAIN)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 1 103.3.63.48 63949 (LINODE-AP...)
1 1 18.180.4.123 16509 (AMAZON-02)
4 12 35.71.178.8 16509 (AMAZON-02)
1 1 35.76.245.45 16509 (AMAZON-02)
4 182.161.73.132 55569 (CRITEO-AS...)
7 182.161.73.142 55569 (CRITEO-AS...)
3 182.161.73.136 55569 (CRITEO-AS...)
1 52.222.158.9 16509 (AMAZON-02)
1 151.101.65.108 54113 (FASTLY)
9 23.75.85.227 16625 (AKAMAI-AS)
8 23.195.152.23 16625 (AKAMAI-AS)
2 172.64.151.162 13335 (CLOUDFLAR...)
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.99.194 13335 (CLOUDFLAR...)
2 3 185.84.60.20 198622 (ADFORM)
2 5 54.254.232.172 16509 (AMAZON-02)
4 9 209.54.182.161 16509 (AMAZON-02)
1 13.107.21.200 8068 (MICROSOFT...)
2 2 50.116.239.135 6336 (TURN-US-ASN)
1 3 35.244.159.8 15169 (GOOGLE)
2 2 13.33.88.32 16509 (AMAZON-02)
1 5 104.18.33.19 13335 (CLOUDFLAR...)
2 69.173.144.139 ()
6 12 69.173.158.64 26667 (RUBICONPR...)
1 3 23.106.127.39 59253 (LEASEWEB-...)
2 4 35.190.60.146 15169 (GOOGLE)
2 4 103.231.98.197 62713 (AS-PUBMATIC)
4 4 2.20.137.181 16625 (AKAMAI-AS)
2 2 198.8.71.131 54312 (ROCKETFUEL)
4 23.72.44.196 16625 (AKAMAI-AS)
2 23.36.252.26 16625 (AKAMAI-AS)
2 2 18.136.83.14 16509 (AMAZON-02)
1 182.161.73.146 55569 (CRITEO-AS...)
2 50.16.238.86 ()
1 35.73.78.161 16509 (AMAZON-02)
3 23.106.127.38 59253 (LEASEWEB-...)
1 13.33.88.40 16509 (AMAZON-02)
2 2 209.191.163.208 14744 (INTERNAP-...)
2 2 209.191.163.209 14744 (INTERNAP-...)
6 139.5.84.243 ()
1 2 54.200.135.41 ()
2 2 151.101.66.49 ()
1 1 52.220.229.2 ()
3 67.199.150.85 ()
7 67.199.150.86 ()
1 54.238.120.71 ()
557 94
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
20    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
40b6da1645e64147d6f7c35bda4143df.safeframe.googlesyndication.com
92970b96c11ec10c9f747f8df2fc1dea.safeframe.googlesyndication.com
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
6    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
ads.aralego.com
sync.aralego.com
4    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
23    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
27    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
pagead2.googlesyndication.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
20    13.33.33.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-38.sin2.r.cloudfront.net
cdn.holmesmind.com
19    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
securepubads.g.doubleclick.net
adservice.google.com
2    74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net
www.googletagmanager.com
3    216.239.36.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
d-41239213303798795131.ampproject.net
2    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
11    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
8fc5bb7b-95f9-4b29-b30e-a9efc2ad2d23.t.ssp.hinet.net
4    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
2    18.155.68.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-93.sin52.r.cloudfront.net
adcdn.holmesmind.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
5    142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net
googleads.g.doubleclick.net
5    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
adservice.google.co.nz
2    18.179.87.8 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-87-8.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
32    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com
fp.holmesmind.com
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
4    210.59.219.181 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
16    34.96.119.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
8    139.162.40.113 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1453-113.members.linode.com
gocm.c.appier.net
9    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
4    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
25    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
1    104.16.87.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
11    34.246.45.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
1    52.77.135.113 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-135-113.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
19    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
10    68.67.161.182 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    52.196.5.119 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-5-119.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    13.33.33.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-78.sin2.r.cloudfront.net
rules.quantcount.com
9    142.250.4.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f104.1e100.net
www.google.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
2    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
partner.googleadservices.com
3    20.212.157.225 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bi.adpushup.com
4    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
4    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
4    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
www.googletagservices.com
2    34.83.125.63 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.125.83.34.bc.googleusercontent.com
um.simpli.fi
49    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
cm.g.doubleclick.net
13    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    202.232.238.37 (Itabashi-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    35.74.84.83 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-84-83.ap-northeast-1.compute.amazonaws.com
google.dap.fw-ad.jp
2    68.67.178.10 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
8    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
8    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
2    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
4    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
9    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
3    67.199.150.81 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    150.95.47.242 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
1    183.79.249.252 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
cksync.yahoo.co.jp
2    64.74.236.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    103.3.63.48 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li819-48.members.linode.com
a.c.appier.net
1    18.180.4.123 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-4-123.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
12    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    35.76.245.45 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-245-45.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
4    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
7    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    52.222.158.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-9.cdg52.r.cloudfront.net
public.servenobid.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
9    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.99.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
3    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    54.254.232.172 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-232-172.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
9    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
jp-u.openx.net
2    13.33.88.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-32.sin2.r.cloudfront.net
cr-p3.ladsp.com
5    104.18.33.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
2    69.173.144.139 (None, )

ASN- ()
pixel-eu.rubiconproject.com
12    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    23.106.127.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
4    103.231.98.197 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    2.20.137.181 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-137-181.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
cs.media.net
2    18.136.83.14 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-83-14.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    50.16.238.86 (None, )

ASN- ()
cs.emxdgt.com
1    35.73.78.161 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-78-161.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
3    23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
1    13.33.88.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-40.sin2.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
2    209.191.163.208 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
2    209.191.163.209 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
6    139.5.84.243 (None, )

ASN- ()
dsum-sec.casalemedia.com
2    54.200.135.41 (None, )

ASN- ()
dpm.demdex.net
2    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    52.220.229.2 (None, )

ASN- ()
cm-supply-web.gammaplatform.com
3    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
7    67.199.150.86 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
1    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
Apex Domain
Subdomains		 Transfer
67 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
528 KB
57 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
40b6da1645e64147d6f7c35bda4143df.safeframe.googlesyndication.com
92970b96c11ec10c9f747f8df2fc1dea.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
550 KB
39 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
csm.as.criteo.net — Cisco Umbrella Rank: 15767
1 MB
32 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 147046
fcm.holmesmind.com — Cisco Umbrella Rank: 161307
c.holmesmind.com — Cisco Umbrella Rank: 106536
adcdn.holmesmind.com — Cisco Umbrella Rank: 144780
ad.holmesmind.com — Cisco Umbrella Rank: 95735
fp.holmesmind.com — Cisco Umbrella Rank: 142605
111 KB
31 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 922
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-eu.rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861
token.rubiconproject.com — Cisco Umbrella Rank: 544
pixel-us-east.rubiconproject.com Failed
55 KB
25 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 691
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 20361
ads.as.criteo.com — Cisco Umbrella Rank: 15481
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 16096
gum.criteo.com — Cisco Umbrella Rank: 390
dis.criteo.com — Cisco Umbrella Rank: 631
82 KB
25 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 44139
gocm.c.appier.net — Cisco Umbrella Rank: 1971
a.c.appier.net — Cisco Umbrella Rank: 13802
4 KB
24 bg3.co
www.bg3.co — Cisco Umbrella Rank: 99821
static.bg3.co
17 KB
21 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 662
image8.pubmatic.com — Cisco Umbrella Rank: 561
ads.pubmatic.com — Cisco Umbrella Rank: 458
image4.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
29 KB
19 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
11 KB
17 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15170
e3.adpushup.com — Cisco Umbrella Rank: 16671
campaign.adpushup.com — Cisco Umbrella Rank: 29370
aplogger.adpushup.com — Cisco Umbrella Rank: 16187
bi.adpushup.com — Cisco Umbrella Rank: 17664
313 KB
15 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
4 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
326 KB
14 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
5 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
7 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
dsum-sec.casalemedia.com
dsum.casalemedia.com
11 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
secure.adnxs.com — Cisco Umbrella Rank: 426
acdn.adnxs.com — Cisco Umbrella Rank: 579
28 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 554
eb2.3lift.com — Cisco Umbrella Rank: 339
15 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1592
public.servenobid.com — Cisco Umbrella Rank: 3158
8 KB
11 media.net
prebid.media.net — Cisco Umbrella Rank: 1201
contextual.media.net — Cisco Umbrella Rank: 535
cs.media.net — Cisco Umbrella Rank: 1349
17 KB
11 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13712
u.openx.net — Cisco Umbrella Rank: 656
us-u.openx.net — Cisco Umbrella Rank: 407
jp-u.openx.net — Cisco Umbrella Rank: 10594
7 KB
11 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 84382
8fc5bb7b-95f9-4b29-b30e-a9efc2ad2d23.t.ssp.hinet.net
12 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com Failed
5 KB
9 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 899
x.bidswitch.net — Cisco Umbrella Rank: 281
4 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
5 KB
6 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1720
ssbsync.smartadserver.com — Cisco Umbrella Rank: 807
rtb-csync.smartadserver.com
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27807
sync.aralego.com — Cisco Umbrella Rank: 2762
3 KB
5 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 150757
1 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 862
ap.lijit.com — Cisco Umbrella Rank: 599
2 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 540
572 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
189 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 917
pixel.quantserve.com — Cisco Umbrella Rank: 664
cms.quantserve.com — Cisco Umbrella Rank: 615
11 KB
4 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 73497
1 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9020
46 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 582
1 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
430 B
2 everesttech.net
sync-tm.everesttech.net
634 B
2 demdex.net
dpm.demdex.net
2 KB
2 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1324
usersync.gumgum.com Failed
2 KB
2 emxdgt.com
cs.emxdgt.com
133 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
2 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 695
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25501
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
866 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 471
479 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 531
1 KB
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2606
1 KB
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 8225
1 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6521
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 883
2 KB
2 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11526
615 B
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5115
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
1 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
1009 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
785 B
2 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18067
creativecdn.com Failed
344 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16217
10 KB
1 gammaplatform.com
cm-supply-web.gammaplatform.com
746 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 495495
cs.minutemedia-prebid.com Failed
5 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
668 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3567
418 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 16779
512 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3496
459 B
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 2972
622 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 13880
573 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 133976
402 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 4090
641 B
1 fw-ad.jp
google.dap.fw-ad.jp — Cisco Umbrella Rank: 139648
568 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 68712
716 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 847
633 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1371
520 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 ampproject.net
d-41239213303798795131.ampproject.net
0 e-planning.net Failed
ads.us.e-planning.net Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 1rx.io Failed
sync.1rx.io — Cisco Umbrella Rank: 519 Failed
0 krushmedia.com Failed
cs.krushmedia.com Failed
0 bfmio.com Failed
sync.bfmio.com Failed
0 33across.com Failed
ssc-cms.33across.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 mookie1.com Failed
odr.mookie1.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
557 101
Domain Requested by
49 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
www.bg3.co
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
eb2.3lift.com
u.openx.net
onetag-sys.com
ads.pubmatic.com
g2.gumgum.com
32 static.criteo.net cdn.holmesmind.com
cdn.adpushup.com
static.criteo.net
ads.as.criteo.com
27 pagead2.googlesyndication.com cdn.ampproject.org
securepubads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
www.googletagservices.com
25 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
pagead2.googlesyndication.com
23 static.bg3.co www.bg3.co
20 cdn.holmesmind.com ads.aralego.com
cdn.holmesmind.com
ad.holmesmind.com
19 onetag-sys.com 4 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
16 ad2.apx.appier.net 8 redirects www.bg3.co
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
13 match.adsrvr.org 12 redirects cdn.adpushup.com
13 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
12 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
11 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
ads.pubmatic.com
g2.gumgum.com
ssbsync.smartadserver.com
cs-rtb.minutemedia-prebid.com
10 ib.adnxs.com 7 redirects cdn.adpushup.com
acdn.adnxs.com
10 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
9 s.amazon-adsystem.com 4 redirects eb2.3lift.com
onetag-sys.com
www.bg3.co
ssum-sec.casalemedia.com
9 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
9 ups.analytics.yahoo.com 8 redirects onetag-sys.com
9 www.google.com tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
9 bidder.criteo.com static.criteo.net
cdn.adpushup.com
8 pixel.rubiconproject.com 2 redirects onetag-sys.com
www.bg3.co
eus.rubiconproject.com
8 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
8 sync.mathtag.com 8 redirects
8 x.bidswitch.net 6 redirects onetag-sys.com
ads.pubmatic.com
8 gocm.c.appier.net 8 redirects
7 csm.as.criteo.net ads.as.criteo.com
6 dsum-sec.casalemedia.com ssum-sec.casalemedia.com
6 e3.adpushup.com www.bg3.co
6 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
g2.gumgum.com
5 adservice.google.co.nz securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 googleads.g.doubleclick.net cdn.ampproject.org
pagead2.googlesyndication.com
www.bg3.co
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 image2.pubmatic.com ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 secure-assets.rubiconproject.com 4 redirects
4 image8.pubmatic.com 2 redirects onetag-sys.com
ads.pubmatic.com
4 id.rlcdn.com 2 redirects onetag-sys.com
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
4 us-u.openx.net 1 redirects u.openx.net
4 cat.sg1.as.criteo.com ads.as.criteo.com
4 www.googletagservices.com googleads.g.doubleclick.net
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
4 ads.as.criteo.com googleads.g.doubleclick.net
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
4 rtb.jp2.as.criteo.com www.bg3.co
4 adpushup-d.openx.net cdn.adpushup.com
4 prebid.scupio.com cdn.holmesmind.com
4 c.holmesmind.com 2 redirects cdn.holmesmind.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 simage2.pubmatic.com ads.pubmatic.com
3 image4.pubmatic.com onetag-sys.com
ads.pubmatic.com
cs-rtb.minutemedia-prebid.com
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 bi.adpushup.com www.bg3.co
3 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 rtb-csync.smartadserver.com ssbsync.smartadserver.com
2 cms.quantserve.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 ap.lijit.com 2 redirects cs-rtb.minutemedia-prebid.com
2 ce.lijit.com 2 redirects
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 pm.w55c.net 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 pixel-eu.rubiconproject.com onetag-sys.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 ad.turn.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 b1sync.zemanta.com 2 redirects g2.gumgum.com
2 sync-dsp.ad-m.asia 2 redirects
2 dsp.adkernel.com 2 redirects
2 rtb2-useast.e-volution.ai 2 redirects
2 tg.socdm.com 2 redirects
2 s.uuidksinc.net 2 redirects
2 secure.adnxs.com 2 redirects cs-rtb.minutemedia-prebid.com
2 ipac.ctnsnet.com 2 redirects
2 um.simpli.fi 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
cs-rtb.minutemedia-prebid.com
2 prebid-asia.creativecdn.com cdn.holmesmind.com
2 fp.holmesmind.com cdn.holmesmind.com
2 ad.holmesmind.com cdn.holmesmind.com
2 adcdn.holmesmind.com cdn.holmesmind.com
2 fcm.holmesmind.com cdn.holmesmind.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 usersync.gumgum.com g2.gumgum.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
1 g2.gumgum.com public.servenobid.com
1 dis.criteo.com contextual.media.net
1 c.bing.com eb2.3lift.com
1 js-sec.indexww.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
cs-rtb.minutemedia-prebid.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 cc.adingo.jp 1 redirects
1 ds.uncn.jp 1 redirects
1 a.c.appier.net 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 cksync.yahoo.co.jp 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
1 im.bluevoox.com 1 redirects
1 sync.dsp.reemo-ad.jp 1 redirects
1 aid.send.microad.jp googleads.g.doubleclick.net
1 google.dap.fw-ad.jp 1 redirects
1 sync.fout.jp 1 redirects
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 8fc5bb7b-95f9-4b29-b30e-a9efc2ad2d23.t.ssp.hinet.net www.bg3.co
1 92970b96c11ec10c9f747f8df2fc1dea.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 40b6da1645e64147d6f7c35bda4143df.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 campaign.adpushup.com www.bg3.co
1 d-41239213303798795131.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 ads.us.e-planning.net Failed cs-rtb.minutemedia-prebid.com
0 bh.contextweb.com Failed cs-rtb.minutemedia-prebid.com
0 ads.betweendigital.com Failed cs-rtb.minutemedia-prebid.com
0 sync.1rx.io Failed cs-rtb.minutemedia-prebid.com
0 cs.krushmedia.com Failed cs-rtb.minutemedia-prebid.com
0 sync.bfmio.com Failed cs-rtb.minutemedia-prebid.com
0 ssc-cms.33across.com Failed cs-rtb.minutemedia-prebid.com
0 cs.iqzone.com Failed cs-rtb.minutemedia-prebid.com
0 cs.minutemedia-prebid.com Failed cs-rtb.minutemedia-prebid.com
onetag-sys.com
0 match.sharethrough.com Failed ssbsync.smartadserver.com
cs-rtb.minutemedia-prebid.com
0 id5-sync.com Failed ssbsync.smartadserver.com
0 creativecdn.com Failed g2.gumgum.com
0 cs.admanmedia.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 ad.360yield.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 match.deepintent.com Failed g2.gumgum.com
0 sync.technoratimedia.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 sync.srv.stackadapt.com Failed g2.gumgum.com
0 odr.mookie1.com Failed onetag-sys.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 ssp.disqus.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
0 sync.go.sonobi.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 rtb.mfadsrvr.com Failed contextual.media.net
cs-rtb.minutemedia-prebid.com
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
g2.gumgum.com
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
557 164

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.google.co.nz
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2022-11-04 -
2023-12-03		 a year crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh

This page contains 82 frames:

Primary Page: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Frame ID: BF545200B69A9C27B19A2ED3CF943D2C
Requests: 104 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 358828966B726B9585DE32DF6011A984
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 909B7901A806FDB85086948D877EF6DF
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 769E8F697D42E34EC2E10846FDB296B2
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: E506C7348E8A54209CA8740AF9364A86
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 20433F58CD02CA130BA21C4D10219A60
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: CA6FA446D6A5E44D74E020C1AFD085C5
Requests: 25 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: FFC197626204167B86C45001676F8804
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 8510FBC8F6E9B3816FF20CC2C293B341
Requests: 24 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 7F769C9C2C2EC1E59A08FC8F06CEEB6E
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 2E6A0DE78C47A224F44314D15DD65D00
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-90762489445132849&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3462&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=87313005158&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&ga_hid=5158&dt=1668586082938&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&bdt=4519&dtd=794&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 04398962ED9594DEA8787194E520656B
Requests: 1 HTTP requests in this frame

Frame: https://40b6da1645e64147d6f7c35bda4143df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7BB306A2BB0135CFDDEA9ACA1F54ADCB
Requests: 1 HTTP requests in this frame

Frame: https://92970b96c11ec10c9f747f8df2fc1dea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 507C922009EC2210191CF8570819A5FF
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=933-wRRS8LeNJ5cjrPnsjHeLX3cw9byQeVKz&CFFPCKUUID=6902-gHTlrNNUXmF8MQPhl5xfwGyImbmw15qO&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&maindomain=www.bg3.co
Frame ID: BBBF10445C5F8A4E3DEA4B3A4C2384CA
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=933-wRRS8LeNJ5cjrPnsjHeLX3cw9byQeVKz&CFFPCKUUID=6902-gHTlrNNUXmF8MQPhl5xfwGyImbmw15qO&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&maindomain=www.bg3.co
Frame ID: 1A41D4F09BA25534AB6B4B1C94D456B6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 934B672A97E27CDD22407A2FB7ACC164
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 20645F3B92A45706B0DBC41AC9D8D061
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7FC8F1F18C6180BC9F81D575CE049B87
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB403ADD13927E6A64A6E35D57D52F39
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 040F831AACF61DF5E7F6BC61C2329130
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE4FE1A4F5BBB538A086BA4DA4360530
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Frame ID: 77568FADA4B5670CE79B4EE561123C56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Frame ID: 2ACC63D51603C2F2B98E39C33BAAD27A
Requests: 1 HTTP requests in this frame

Frame: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E6C9EC197E24C370577AD55F0D9D2AE9
Requests: 1 HTTP requests in this frame

Frame: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2ED3D2A691A35C60DF8A670F28A1B8C1
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: C6DD968D37A2099458961FC578942428
Requests: 12 HTTP requests in this frame

Frame: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F34503DCC111B0894FAEDEAC84E81DC7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Ch-vxaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoErwJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrzl_aPVac6OXYr2dzDObu_2fwGfNWsNfRhIYI7oeXcq42GwPIIWuABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=8ngRXy5MIJU&uach_m=[UACH]&cid=CAQSKQDq26N9wMw18YdKluwFdZab7EQzi4OOzEOTZ5Xv0P-PAIpjo9_n0fe6GAEgEw
Frame ID: CDE8322A651FE2C08B2C577321ED840E
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw&u=%7CblmW%2B78xYvO24PU1HIGV1U7CxfbgFPl3LU%2F4HOoIbxE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ6rMIWIpO3VPTJB-7wGvYWpdkgDChUYiXiEFK6UyuzkIpIwcpt8LJlclC9iAi5V4hYqRLeTnPUkgCaxtd-mTlzNhcQsnelFo2u3pgtc7DDEfDra2eFd6PENR_ysBcl1MWyADBZ_o7NnGdP2ZKElygrUEd7ekPoo11uslaXVOyXMRG5_KOSUitm5NY_6TfmPTc78QrhTnpYqxSAJArIVtj4zJooCScIvRgbODqFO5kX_wmrpA7WJEKnrmPPxw_A26uIM1kktSX_2sB0vshhqNpBo2Qwoc8tIFno53jlaDu5l380VCwgiQknJT9T99-MWS9c34qo1jfNloq-A5KNyXybd5w1I2KD84KXPyJMS7YgxlNksn2PHlxFqYszmNnD7iHFg97czokVJATBBiAdxS5klDT83mbM92OcXBZvqZ_o4i-wd7Kj6HW1A0l5rkAFyMz_zYHZUz1nklT7jNGtw5R_bBen_93xDO6NyENDBTP3wMEzdMTmB7YG-1bO77BLLPcuKdACLSptBzPC-wj2UGBGIw2tiBf0_1Sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbjbRaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoEsgJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrjF37r7NSYZsnJhbt57B0PE7kE2Rcns85DHVedE4pbIIu_OhZX5TfQAmABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11iSGEiHkuV2W4zLPslF2jPHNf-w%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 77E2AE9664EFC998350CDB05E6D9F533
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E42B8F831FE9F6947BA592FED687CE8A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CbaJEaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoEqQJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BL9Zgu3WUBdjvyMxb9K_U-cqdJpbDfHt1Lw-6RMA9ZSrjbA7bXQQGABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=EfqHiOREgbU&uach_m=[UACH]&cid=CAQSKQDq26N98vDewrh3DiCiwUyZTfvSp6_3xlnGEOH59hAtyQP0hNohnrCvGAEgEw
Frame ID: 204BD926F07793CBB94FAD2166D216E9
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 9592DEE18D4C654970E059411B93E2D1
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2DC43BD7A35A402E384EAFFE554FDB85
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 8E7E005D5CA045AF803ABB8693C3A900
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 33F53CB67665860B8437CE4B698B46C8
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: DA9D2C00BC8CF2DB95A551DB7C5D2605
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A5560619D55191BF583A0A77FB4BC634
Requests: 9 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F73CBF3D2EBB4278A5DF0558A622F0A5
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9869D870CC96C25BFED1AB79DCCEDA43
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: AD8C646D514825219D00D94AA8FB2D64
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 9944C47D6DC49C9DC8B91169AE29B9F4
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1668586086626
Frame ID: E8501F44AD76B9C3113C1F5DCCE2F3B8
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2132140B357435A9A336C6CB76503655
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: DF6213678156ECC4770858421C971D44
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A073DE6D1E30101D052D637CC500A018
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 2F986397D8F61AE5F27207176576D6E6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 89269BB7CA7D6941AD5AE569BDE7900C
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3115876917443742000V10&type=rkt&refUrl=&vid=85860917083115876917443742000V10&ovsid=1977432090496657568
Frame ID: 46AB0223D365CB23DAE1DF05A97DD801
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3DPM_UID
Frame ID: 54D9F5308C23857A4C1ACA0E5BF05DD7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7AA00B4D443F6ED3ED10FB7BEBA3F304
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C165DD83506CA5B1A9FB3489D5849BB2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C0A4524E637A8670E0880CDD4D61C382
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45E1A562549A98D346A7A4B01FC569FB
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: B189F7DDE3A751D264EB94257FC857C7
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 34E0C4B5DC7F61C9D2FCBEAC907D5292
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: B9C354D3040CA1FC27591939A3709797
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 33B89B33B059243253856E0243CAC805
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: EFBB415D498E41F0C7DB5EE65339762C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 8C0A159B1B38D428B1B1B49931BF4F9D
Requests: 10 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 00206C53300F31373CD0E1332FD97330
Requests: 27 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6283F2D0-C982-4E1F-8433-BF8A6CE93024&gdpr=0&gdpr_consent=
Frame ID: 75317242AD3B30A5F44A3B58FDFD2334
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
Frame ID: AB3D151C80C75D8A545C708E36798243
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Frame ID: 4E9C799566AECC72DA4C10B8E0B888F3
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 62456653580CE03A588CB98077DED08E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rQxK66JeS-m2BkTmqlpQ7KMGSuy2W0S5-ln__IdE
Frame ID: E7B0F29B127711DDA8C03401038E1A5B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6748777306024888295&gdpr=0&gdpr_consent=
Frame ID: 83CDA0D7CC3955699BA526011D9D2DD3
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=6283F2D0-C982-4E1F-8433-BF8A6CE93024
Frame ID: 95AF43F3BF605C891BE295D84D9960A3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: F6AF688F1E2BACFD94FD083F333E8807
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
Frame ID: F61998D04EA3189C003F7C7632607466
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
Frame ID: 69B22D646500C204909DB0704C0FEDEA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y3SabQAAAYTuAgAr&gdpr=0&gdpr_consent=&_test=Y3SabQAAAYTuAgAr
Frame ID: 43E224A83B818F8155D88D64553BC4F8
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9jZTBkMDRlOC0wOTQ4LTQ5YzgtODQyMC00MDZlMjk1NzAwYzM=&gdpr=0&gdpr_consent=
Frame ID: 31A77B209A85EA77B2B865368BD88EDC
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: F62BCABD3DC0CBDC370161A7F3E4E506
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y3SaacCo5sIAAEp3HzsAAAAA
Frame ID: 43B4BE7AFA3205FEEB652A4159D049D9
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: CCB8FB4BF07721B475FE9B1BEE182A89
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y3Saa33QhgtoJZ4KQlomnwAA%264729
Frame ID: A8D7126CBB7F19E6CE63CAEE53D4B742
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: AD37854828C7FBD09ACAE0B10051F617
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 082FB27261F0087D35C6DCC9FA85874E
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: ACC252BDA380D5771C3FEA7ED30803B6
Requests: 12 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Frame ID: B5833BDEEA5D666F4661924E5AA193A4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: AC1D0D83DB1B1CBD1BA75F7E99BE9FB4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

私密處分泌物, 原來這樣是異常的!10種實用保健法 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

557
Requests

67 %
HTTPS

0 %
IPv6

101
Domains

164
Subdomains

94
IPs

10
Countries

3682 kB
Transfer

8764 kB
Size

128
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Request Chain 65
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 67
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 117
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=F4j7polEDeawTFcYZZp0Yw
Request Chain 118
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=tHBSeXvHCJ2pZwBIZZp0Yw
Request Chain 119
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Y4mntHZmClyi1tVQZZp0Yw
Request Chain 123
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=AS869s0EAOi_M8qbZZp0Yw
Request Chain 124
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=5o-8IJB8AgK7fiMVZZp0Yw
Request Chain 125
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=prfpfioaCUCQW4suZZp0Yw
Request Chain 126
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=1ym1LQtuBXCBmIbSZZp0Yw
Request Chain 127
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=efYXQIJgDpCxp_5DZZp0Yw
Request Chain 235
  • https://um.simpli.fi/gp_match?google_gid=CAESEGwKLhT2Z5EsSC0h__ixaP8&google_cver=1&google_push=ASkJ3FatWPW5nHPatjWNK8QPwYNPvvfL7xeuGZEip2cVkNTwJ2HonE7I8GhyuColnVHOeWt7YREBs8k81xu74FViHkmJaJkLWPE3JyHgVa2Eu2ywmSbwqLAgtK1PJeJ1F6v4JvpgQpZ0l-DI3_3BHWRAsXI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F8DDC3F656A478BB8086C577919FB8F&google_push=ASkJ3FatWPW5nHPatjWNK8QPwYNPvvfL7xeuGZEip2cVkNTwJ2HonE7I8GhyuColnVHOeWt7YREBs8k81xu74FViHkmJaJkLWPE3JyHgVa2Eu2ywmSbwqLAgtK1PJeJ1F6v4JvpgQpZ0l-DI3_3BHWRAsXI
Request Chain 236
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPxWPToyWWxYyVrDStpbBHw&google_cver=1&google_push=ASkJ3FY4PGRi2H4-kgIp64Y4hL_KV35oVif_VuhbVuqa_0vSRj2Grx760BfaRxafl5ahrp7wAu_w--06i_h4X_4K4XyfxvFr7EcStVGMTCVeHczE1jEP29FnOMU5sGf0Ly2C4ZqHDZL6_0uERWBlXFhqctg HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPxWPToyWWxYyVrDStpbBHw&google_cver=1&google_push=ASkJ3FY4PGRi2H4-kgIp64Y4hL_KV35oVif_VuhbVuqa_0vSRj2Grx760BfaRxafl5ahrp7wAu_w--06i_h4X_4K4XyfxvFr7EcStVGMTCVeHczE1jEP29FnOMU5sGf0Ly2C4ZqHDZL6_0uERWBlXFhqctg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTMwNWNiYjAtZWUwZS00NmZiLWIxYTMtZDg2Njg3NTQ4YzJl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
Request Chain 237
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEMiKBRVNTCU3NGLQQO-LdvE&google_cver=1&google_push=ASkJ3FY_V26DBoSDaAsAh2KcrtE8EYYj8xgW3pBcuIsLN1A-S9YFl67pPaZjbpnEExuKdsFjEKm_-v_YQsDhGyy3nOij9QZYoBpezTelooR4occqffnqCsyFvp1QuqgNmMI5Dsdiz-R9yyuKoiT7CmYX2cM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FY_V26DBoSDaAsAh2KcrtE8EYYj8xgW3pBcuIsLN1A-S9YFl67pPaZjbpnEExuKdsFjEKm_-v_YQsDhGyy3nOij9QZYoBpezTelooR4occqffnqCsyFvp1QuqgNmMI5Dsdiz-R9yyuKoiT7CmYX2cM&google_hm=bwpH1LtKRB-S5Z4nxqStD8U
Request Chain 238
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEBNgTp8WiAto2-92WpnSj-c&google_cver=1&google_push=ASkJ3FZ6L7hmaMw9wJavbFRHVQCOUN64wC3khLtX8v7T96z__ygCuqKJLlMvOE8FQYymgT4MVZKaJM90xyN-rUJ-85hIteI_CmESV_C4tSaZJRqaxCTU205BayS86DU15ODXGdZjNmrGZZEz_gHW3xjoPK0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FZ6L7hmaMw9wJavbFRHVQCOUN64wC3khLtX8v7T96z__ygCuqKJLlMvOE8FQYymgT4MVZKaJM90xyN-rUJ-85hIteI_CmESV_C4tSaZJRqaxCTU205BayS86DU15ODXGdZjNmrGZZEz_gHW3xjoPK0&google_hm=M2VXQUZSRWNvTktCT2tiUWh0U25kYWw3d0k0&from_google=pc1
Request Chain 239
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEKIVvYAj6F-UzJZDmfdTa4g&google_cver=1&google_push=ASkJ3Fb6_crkuz4luByG7WtVQ9NJx13u5TF7fXJViD7qif5-uUEUR_TcP2fleT5T4Dxt8gZvyKMlCq_MuJGUYgIdGKJnERdJKRWtTQgTJWMJb5200uqpZluAK4WjJvot2a-MX_CvTa_dVEBeIYcd4_cVi68 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3Fb6_crkuz4luByG7WtVQ9NJx13u5TF7fXJViD7qif5-uUEUR_TcP2fleT5T4Dxt8gZvyKMlCq_MuJGUYgIdGKJnERdJKRWtTQgTJWMJb5200uqpZluAK4WjJvot2a-MX_CvTa_dVEBeIYcd4_cVi68&google_hm=MDZmODZlZDktNmRlNS0zOTI1LWJlNzYtYmM1OTZmOThjZjE1
Request Chain 240
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENqLHSZDyZFf3H3Nx1_7Y9A&google_cver=1&google_push=ASkJ3FbrYLWTIa-w3YDyuhEP77_6_1azv25496QG7UyM3b9pdnllH74zpNQ1kN3HUe5KUxPo206KuXSWxrKVi7Xkgbs-vXoCb5LTp1m-ewUsXaa7lh3fd1PipFU4D9VS9frxvtA9JXi1LlPqjB2EnS5AGRR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc0ODc3NzMwNjAyNDg4ODI5NQ%3D%3D&google_gid=CAESENqLHSZDyZFf3H3Nx1_7Y9A&google_cver=1&google_push=ASkJ3FbrYLWTIa-w3YDyuhEP77_6_1azv25496QG7UyM3b9pdnllH74zpNQ1kN3HUe5KUxPo206KuXSWxrKVi7Xkgbs-vXoCb5LTp1m-ewUsXaa7lh3fd1PipFU4D9VS9frxvtA9JXi1LlPqjB2EnS5AGRR4
Request Chain 241
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEP8SyI5g9V1RnlZnlvR7S7Q&google_cver=1&google_push=ASkJ3FbeItcYqGYbI5bhSEMVT4W1Yppumvmk1viKrKprc4XUTYg4mfGXMIQIoVfndKTj3oLyxxg_B2KQfpxoRd0W6I3xQe3RAtkquDt7U2CJ1TaMVR9YyK7bNLKRnHDW3NQWTC5KRcuAda1oBoT2HuEeRVdx HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEP8SyI5g9V1RnlZnlvR7S7Q&google_cver=1&google_push=ASkJ3FbeItcYqGYbI5bhSEMVT4W1Yppumvmk1viKrKprc4XUTYg4mfGXMIQIoVfndKTj3oLyxxg_B2KQfpxoRd0W6I3xQe3RAtkquDt7U2CJ1TaMVR9YyK7bNLKRnHDW3NQWTC5KRcuAda1oBoT2HuEeRVdx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=652bab48-9cce-4cc9-a1c8-5d71394c1333&%%GOOGLE_PUSH_PAIR%%
Request Chain 243
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJxMdEQH7gXr_hpcix-zhMY&google_cver=1&google_push=ASkJ3FbKJN1sWAAjKJrzzy0rrCP2QwBHURHTxYlxco-KpFE30JjjqA-F07cCF9u186ul5LeFtY06_yEtqo_7-nX5-GyiETF1PzlGMHMpOdPfTSEjsyF5w6Y9AOcTwTPd5qVxldG7sm83x8c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbKJN1sWAAjKJrzzy0rrCP2QwBHURHTxYlxco-KpFE30JjjqA-F07cCF9u186ul5LeFtY06_yEtqo_7-nX5-GyiETF1PzlGMHMpOdPfTSEjsyF5w6Y9AOcTwTPd5qVxldG7sm83x8c
Request Chain 245
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEOD_zEz-n0c2CJElJtUxec8&c_param1=ASkJ3FY60IyCowEqF4uBWt0Jd-KrACTGPawBzim3iihf0pGekdGBPsrkdl4x6wYzT9zEtmJtZP9ZUsOj8WItzPfTF3zQIxZtzBFJ2UKzupdRX1pCkNtf7xQs2SKzxY19uINJi_9avXYsoEY&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FY60IyCowEqF4uBWt0Jd-KrACTGPawBzim3iihf0pGekdGBPsrkdl4x6wYzT9zEtmJtZP9ZUsOj8WItzPfTF3zQIxZtzBFJ2UKzupdRX1pCkNtf7xQs2SKzxY19uINJi_9avXYsoEY
Request Chain 246
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEP_m4EEY1k_TosGGhl_09ak&google_cver=1&google_push=ASkJ3FYHgSRmSUfo8AzavyA976sLs7xEI21t-7HgEdWVKnInN8adCyCLyRwzc-bLjl36PBfwxcGh8Xel6o6PuSDIwBme5_C4dLp51Vpk2LMhVIvIDDY0j0RWQW8NnmXLJ7OchmijLlFs39o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYHgSRmSUfo8AzavyA976sLs7xEI21t-7HgEdWVKnInN8adCyCLyRwzc-bLjl36PBfwxcGh8Xel6o6PuSDIwBme5_C4dLp51Vpk2LMhVIvIDDY0j0RWQW8NnmXLJ7OchmijLlFs39o&google_hm=WTNTYWFjQ281c0lBQUVwM0h6c0FBQUFB
Request Chain 247
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESED4sbjB6UK8Ys6cBMDADXh4&google_cver=1&google_push=ASkJ3FYTZGD3ntyYGvqbcsuRRSiXj4YJvTQMIiaqSVORakH3QrC-W-6IlCl7Z4Vw_uvGHlEAjTsxiPg-ojrxWxh9qrR2qtEO3B2iJTV2Jw28H7L5QDzZdZ1DTwkJId0SOT_J2244YU-8O4Pm HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESED4sbjB6UK8Ys6cBMDADXh4%26google_cver%3D1%26google_push%3DASkJ3FYTZGD3ntyYGvqbcsuRRSiXj4YJvTQMIiaqSVORakH3QrC-W-6IlCl7Z4Vw_uvGHlEAjTsxiPg-ojrxWxh9qrR2qtEO3B2iJTV2Jw28H7L5QDzZdZ1DTwkJId0SOT_J2244YU-8O4Pm HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A5900175048819371639&exchange=193&google_gid=CAESED4sbjB6UK8Ys6cBMDADXh4&google_cver=1&google_push=ASkJ3FYTZGD3ntyYGvqbcsuRRSiXj4YJvTQMIiaqSVORakH3QrC-W-6IlCl7Z4Vw_uvGHlEAjTsxiPg-ojrxWxh9qrR2qtEO3B2iJTV2Jw28H7L5QDzZdZ1DTwkJId0SOT_J2244YU-8O4Pm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU5MDAxNzUwNDg4MTkzNzE2Mzk&google_push=ASkJ3FYTZGD3ntyYGvqbcsuRRSiXj4YJvTQMIiaqSVORakH3QrC-W-6IlCl7Z4Vw_uvGHlEAjTsxiPg-ojrxWxh9qrR2qtEO3B2iJTV2Jw28H7L5QDzZdZ1DTwkJId0SOT_J2244YU-8O4Pm
Request Chain 248
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKMC5CjvXKjHEA9YLKvJMjo&google_cver=1&google_push=ASkJ3FbC44IvR0yg0adDdoWH5MeDkXjnUmV6mbngFCV-G9b_epFq7MCWLnzBwKNMVVxOJFYDNxBZ2WwQQLMV8KWbKPdkLoZ_GRM2yjoLxpCqxeSmR1skgf4bjXPO8eWSliTFWXPHataLxHOi HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKMC5CjvXKjHEA9YLKvJMjo&google_cver=1&google_push=ASkJ3FbC44IvR0yg0adDdoWH5MeDkXjnUmV6mbngFCV-G9b_epFq7MCWLnzBwKNMVVxOJFYDNxBZ2WwQQLMV8KWbKPdkLoZ_GRM2yjoLxpCqxeSmR1skgf4bjXPO8eWSliTFWXPHataLxHOi&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IYmpHOUlWRTJ1RkVLbFpfWl9lMVRqbzBzQkVyQzRtT35B&google_push=ASkJ3FbC44IvR0yg0adDdoWH5MeDkXjnUmV6mbngFCV-G9b_epFq7MCWLnzBwKNMVVxOJFYDNxBZ2WwQQLMV8KWbKPdkLoZ_GRM2yjoLxpCqxeSmR1skgf4bjXPO8eWSliTFWXPHataLxHOi
Request Chain 249
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENS8MOzG9GTEJtHv4npEbaA&google_cver=1&google_push=ASkJ3Fb_e6cLlAgB9XtWh08ntuggeFOJZsKevMNF8ohZ4bFE5M9ViMgGQluU5hqpCtseH8eYnT_fyHT3EL2f5LJ7G_K_kknzKll0brKMQzcqNdcKKDhm2_kT6ghbHftwytRV-4FZ80kw7LpJ HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENS8MOzG9GTEJtHv4npEbaA&google_cver=1&google_push=ASkJ3Fb_e6cLlAgB9XtWh08ntuggeFOJZsKevMNF8ohZ4bFE5M9ViMgGQluU5hqpCtseH8eYnT_fyHT3EL2f5LJ7G_K_kknzKll0brKMQzcqNdcKKDhm2_kT6ghbHftwytRV-4FZ80kw7LpJ&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ASkJ3Fb_e6cLlAgB9XtWh08ntuggeFOJZsKevMNF8ohZ4bFE5M9ViMgGQluU5hqpCtseH8eYnT_fyHT3EL2f5LJ7G_K_kknzKll0brKMQzcqNdcKKDhm2_kT6ghbHftwytRV-4FZ80kw7LpJ&google_hm=M3NNakxYeXNzNmk=&suid-set=1
Request Chain 274
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEOO-_qyifxbXd6clGJhhbHw&google_cver=1&google_push=ASkJ3FZtSH4o9GTjYTvVe0E9kFTr1NAoIbe8xXFu8RF7u8q7YTgvyqJM9DN59IfMHOv-WcxwSEmkRtNJobmyx8eMJ18wodN8BH-sWyMqPPsgVyZxbK8ggyfSUBCwG_XWBpWOvzqU0psPbYxQrEZ1Rzqn6QQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FZtSH4o9GTjYTvVe0E9kFTr1NAoIbe8xXFu8RF7u8q7YTgvyqJM9DN59IfMHOv-WcxwSEmkRtNJobmyx8eMJ18wodN8BH-sWyMqPPsgVyZxbK8ggyfSUBCwG_XWBpWOvzqU0psPbYxQrEZ1Rzqn6QQ&google_hm=Nz90972ZQgWJ_SPTGpFWM8U
Request Chain 275
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMXBNMZ1oDAa-51KxT7dM-U&google_cver=1&google_push=ASkJ3FaSOOItnFP-gS59WPGtXltJ-WmUh_LmB8H94GqRsJfXkFmaX_FO2zmemp0i7tsdnX1tkFew86zbhr1RqhRXA9pkdYyxI-3t_9olesiOAt1aM3GRL8hXW9B3FuY3fndAvAb9uK1g9NUMU-3rJBD8Zw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMXBNMZ1oDAa-51KxT7dM-U&google_cver=1&google_push=ASkJ3FaSOOItnFP-gS59WPGtXltJ-WmUh_LmB8H94GqRsJfXkFmaX_FO2zmemp0i7tsdnX1tkFew86zbhr1RqhRXA9pkdYyxI-3t_9olesiOAt1aM3GRL8hXW9B3FuY3fndAvAb9uK1g9NUMU-3rJBD8Zw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YoPy0MmCTh-EM7-KbOkwJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaSOOItnFP-gS59WPGtXltJ-WmUh_LmB8H94GqRsJfXkFmaX_FO2zmemp0i7tsdnX1tkFew86zbhr1RqhRXA9pkdYyxI-3t_9olesiOAt1aM3GRL8hXW9B3FuY3fndAvAb9uK1g9NUMU-3rJBD8Zw
Request Chain 276
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEFJU4zzo2Eir7bWEVcIU3Jk&google_cver=1&google_push=ASkJ3FYGGJNs-DA0dtc4smqgfBwdXjCFVS8ppra-J3AX_vC5S7u7QLxhtZ0ysIf2Q-dsKxqAKDPSx0JzDywVRVqzaD1xqFfwUQ65bXeFJSnjVwm1YK1xOfXRpAo-64JG7_e4DfQdGdV6XJA97AG6gBn_4hc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE3MDc0NDI3NTc2NjAyNDU5NzA&google_push=ASkJ3FYGGJNs-DA0dtc4smqgfBwdXjCFVS8ppra-J3AX_vC5S7u7QLxhtZ0ysIf2Q-dsKxqAKDPSx0JzDywVRVqzaD1xqFfwUQ65bXeFJSnjVwm1YK1xOfXRpAo-64JG7_e4DfQdGdV6XJA97AG6gBn_4hc
Request Chain 277
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESENh2dbQ8Qhg0dpK-t1Wgy4Y&google_cver=1&google_push=ASkJ3FZ4PGlYmQb9GEMNcyMStnrlekv76ZJfuke_AO0lnRX-SDzAD0iZWFE67uGT2gLHa8Z2S5bwDU2IK0PoD8tu49c5uKMJq5ZHYIujBUMKAeXty1kV96sSTrAvUV373MbcM0LUP8c0j1ZfF9W3aoMzv0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FZ4PGlYmQb9GEMNcyMStnrlekv76ZJfuke_AO0lnRX-SDzAD0iZWFE67uGT2gLHa8Z2S5bwDU2IK0PoD8tu49c5uKMJq5ZHYIujBUMKAeXty1kV96sSTrAvUV373MbcM0LUP8c0j1ZfF9W3aoMzv0g
Request Chain 278
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESENa5MHn_lyreSgcXOsRSxbg&google_cver=1&google_push=ASkJ3FZ6wHYOjY5mxxejtRLLpbG-6rOCW7XFJA3PXsEwPZo-tFipQaLiUO9TU_gS5WtH57VBzVKI_x5CleuK-ipnIJbQRHZQUlDwp0SO2yN4W-bBkBSHd6mqEQ2gpEFRbAxt3Hy7VMUdh3OfW_l7ulHKeNyx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3FZ6wHYOjY5mxxejtRLLpbG-6rOCW7XFJA3PXsEwPZo-tFipQaLiUO9TU_gS5WtH57VBzVKI_x5CleuK-ipnIJbQRHZQUlDwp0SO2yN4W-bBkBSHd6mqEQ2gpEFRbAxt3Hy7VMUdh3OfW_l7ulHKeNyx&google_hm=QlMuMWYzMy00N2JhLTRmODQtYWQwZg==
Request Chain 280
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEMXkQ-V5b5v44cl2bNhiJ8s&google_cver=1&google_push=ASkJ3FYhSHM6nhfgrerR486tMljK3CVgWwmeNaUTZP5pWBD_jGQT9nfkd8E89JivlYmQ_s1tGSQORGCNV0We8netbSgOlk8i_pxy8S3UbrFaFVM4CTH_65FncnUHL2Wyl7irRD1ltQCzFSWS5bDbk7OsdeYA HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEMXkQ-V5b5v44cl2bNhiJ8s&google_push=ASkJ3FYhSHM6nhfgrerR486tMljK3CVgWwmeNaUTZP5pWBD_jGQT9nfkd8E89JivlYmQ_s1tGSQORGCNV0We8netbSgOlk8i_pxy8S3UbrFaFVM4CTH_65FncnUHL2Wyl7irRD1ltQCzFSWS5bDbk7OsdeYA&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FYhSHM6nhfgrerR486tMljK3CVgWwmeNaUTZP5pWBD_jGQT9nfkd8E89JivlYmQ_s1tGSQORGCNV0We8netbSgOlk8i_pxy8S3UbrFaFVM4CTH_65FncnUHL2Wyl7irRD1ltQCzFSWS5bDbk7OsdeYA&google_hm=Mzd1ZldqeklJVGRNWWRHOTEtZ00=
Request Chain 283
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO6pV14UwX--V0Gx9jue6tU&google_cver=1&google_push=ASkJ3FYZKgWF42ewJnndQAFS0zk0JQnRTnn4G_PWp483AdTQ1IwxsLsnH9LxaIHP2z2yglzZot4RqF7M6OLc6eHXol8K0u4sfm1u HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYZKgWF42ewJnndQAFS0zk0JQnRTnn4G_PWp483AdTQ1IwxsLsnH9LxaIHP2z2yglzZot4RqF7M6OLc6eHXol8K0u4sfm1u
Request Chain 284
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEDqKeHVpU-ssVsmmm7oHdpQ&google_cver=1&google_push=ASkJ3FZ4C2x-bxlbrGinaAqPWkYdTxC1OzMtOzBKSqrU_wKH_97ijnYVWNC6Phn2sJDJWRd9XLTOVFLyjhbvP28pI__O1pGDiQbo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzAwNmNlY2EtMjc2MS00ZGNkLTljY2UtY2NiOTMwY2UyYjI1&google_gid=CAESEDqKeHVpU-ssVsmmm7oHdpQ&google_cver=1&google_push=ASkJ3FZ4C2x-bxlbrGinaAqPWkYdTxC1OzMtOzBKSqrU_wKH_97ijnYVWNC6Phn2sJDJWRd9XLTOVFLyjhbvP28pI__O1pGDiQbo
Request Chain 285
  • https://a.c.appier.net/gcm?google_gid=CAESEBjBHu7F8mWNyXCRS6IJyn8&google_cver=1&google_push=ASkJ3FZ3b5PDWOcsI6DSVRCeMcx7xQEySKyi1OMk6sR9ay6zDseApR2NrawkQOdUzwTUjez4rqdJlEns9USdxqvQES5AgoF2zD5x HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WTRtbnRIWm1DbHlpMXRWUVpacDBZdw%3D%3D&google_push=ASkJ3FZ3b5PDWOcsI6DSVRCeMcx7xQEySKyi1OMk6sR9ay6zDseApR2NrawkQOdUzwTUjez4rqdJlEns9USdxqvQES5AgoF2zD5x
Request Chain 286
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEMXYY-wXEkHtCofMIIMseVE&c_param1=ASkJ3FbWQv4QHSZRVngQwqjEEDLyEXLiR8Sj5c3rcNquhIfFtGC1K0V7Cnx8eqTMqQLKms4MKjXDeo4xWBKpDHoj5ebWuyBx4uaS&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FbWQv4QHSZRVngQwqjEEDLyEXLiR8Sj5c3rcNquhIfFtGC1K0V7Cnx8eqTMqQLKms4MKjXDeo4xWBKpDHoj5ebWuyBx4uaS
Request Chain 287
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEAvAHbMqfpRUnDtEZYEDDAA&google_cver=1&google_push=ASkJ3Fata5qOoMD1CSr-SQnPzTJzvMuem0nRWYQ9c0CoKIkL7WLNgB5S7TwLkShKkABXwEwo7yQ6vBKMh_-lUtumAU_cbKplwAjj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3Fata5qOoMD1CSr-SQnPzTJzvMuem0nRWYQ9c0CoKIkL7WLNgB5S7TwLkShKkABXwEwo7yQ6vBKMh_-lUtumAU_cbKplwAjj&google_hm=Ad9b43vjyUYaiQkG9Xe_NwM
Request Chain 288
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAZjbvvBRFcq_VWS6j3O5To&google_cver=1&google_push=ASkJ3FYfRKG40YAhmhULN5VeLoJ0vvuANMIoOQt2KFvLgz0irdhMB7AZk09FQ6FAISjThRjQBAwk0iDdBjZJSMrkoXLLP9qCAF7c HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FYfRKG40YAhmhULN5VeLoJ0vvuANMIoOQt2KFvLgz0irdhMB7AZk09FQ6FAISjThRjQBAwk0iDdBjZJSMrkoXLLP9qCAF7c&google_gid=CAESEAZjbvvBRFcq_VWS6j3O5To HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODUwODYyNDQ0MzA4MDAxNjk2OTM4&google_push=ASkJ3FYfRKG40YAhmhULN5VeLoJ0vvuANMIoOQt2KFvLgz0irdhMB7AZk09FQ6FAISjThRjQBAwk0iDdBjZJSMrkoXLLP9qCAF7c
Request Chain 289
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEAeWBf8ZQdIcIZjLpxuf8mY&google_cver=1&google_push=ASkJ3FY2tS7pH7HgJmk7rbusfEI8UMNuvf9VhirgvbHo4B9uyFTkNALJ3pECjxSC9kbEi8vVPrNyeB_VBuDDOHzXuEgGgZyMJzM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FY2tS7pH7HgJmk7rbusfEI8UMNuvf9VhirgvbHo4B9uyFTkNALJ3pECjxSC9kbEi8vVPrNyeB_VBuDDOHzXuEgGgZyMJzM&google_hm=55d43ac19e59705a2c42d7f0ba432ac8
Request Chain 345
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&dongle=0cfd
Request Chain 346
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODUwODYyNDQ0MzA4MDAxNjk2OTM4 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL-Bt44mOa1FGTptp8Nn0oc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 348
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODUwODYyNDQ0MzA4MDAxNjk2OTM4
Request Chain 349
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=850862444308001696938&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=850862444308001696938&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cfc39a69-2e78-488f-9d27-119bd8c83ff0&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cfc39a69-2e78-488f-9d27-119bd8c83ff0&_noobservation=1&_expected_cookie=7766d5f5557dedda9c7814cb041f3d56
Request Chain 350
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=850862444308001696938&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1782628806885734110&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=652bab48-9cce-4cc9-a1c8-5d71394c1333&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 351
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/850862444308001696938?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-xEFAw1dE2oSyw.JELsn2N7wPkOUJBGbdfYVMGKPcWg--~A&dongle=0883
Request Chain 352
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=850862444308001696938 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=850862444308001696938&dcc=t
Request Chain 354
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6748777306024888295&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 355
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2809913597948024367&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 356
  • https://match.adsrvr.org/track/cmf/openx?oxid=a9bf5b01-24e7-7434-f509-f0c2c99ee1ce&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&ttd_puid=a9bf5b01-24e7-7434-f509-f0c2c99ee1ce&gdpr=0&gdpr_consent=
Request Chain 357
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y3SaacCo5sIAAEp3HzsAAAAA
Request Chain 358
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUjA00bx_gxcks8ADv76RCfT_88AAAGEf3s2Yg
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJnTYJEpldFPxqcir41oiEs&google_cver=1
Request Chain 362
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 369
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=1&gdpr_consent=
Request Chain 371
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6748777306024888295
Request Chain 373
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhH97NX0Bg_7I2-WK0UaoSu2RiaseuLc-zw
Request Chain 375
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCOy00psGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 376
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=5F5ALdvNJl9fsn1wttvRbLvgek8DIbMWg2MLdIWfmVg
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDKk8FDKKHa7yBNkVk-xC68&google_cver=1
Request Chain 380
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
Request Chain 383
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 384
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Drkt%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3115876917443742000V10&type=rkt&refUrl=&vid=85860917083115876917443742000V10&ovsid=1977432090496657568
Request Chain 386
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dapx%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=apx&refUrl=&vid=85860917083115876917443742000V10&ovsid=6748777306024888295
Request Chain 387
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dopx%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3115876917443742000V10&type=opx&refUrl=&vid=85860917083115876917443742000V10&ovsid=6193329e-8fe7-4ed4-9646-8eac7b717312
Request Chain 388
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dmma%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=mma&refUrl=&vid=85860917083115876917443742000V10&ovsid=914f6374-9a69-4800-af7f-7b69775be572
Request Chain 389
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dr1%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dr1%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D%5BRX_UUID%5D&cb=1668586092543 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6302193893 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a305cbb0-ee0e-46fb-b1a3-d86687548c2e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzExNTg3NjkxNzQ0Mzc0MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEt_yULbAZP9i7lK0yGemUc&google_cver=1
Request Chain 391
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Ddxu%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Ddxu%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=dxu&refUrl=&vid=85860917083115876917443742000V10&ovsid=7pBKhEm51OVdsU5
Request Chain 393
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=652bab48-9cce-4cc9-a1c8-5d71394c1333&google_hm=NjUyYmFiNDgtOWNjZS00Y2M5LWExYzgtNWQ3MTM5NGMxMzMz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIGJeeGwUT3-qYLpLjq6tsQ&google_cver=1&ssp=medianet&bsw_param=652bab48-9cce-4cc9-a1c8-5d71394c1333 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=652bab48-9cce-4cc9-a1c8-5d71394c1333&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 394
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dzem%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=37ufWjzIITdMYdG91-gM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJTG52WMV3KPJEUSVDEJVMWIRZZGEWWOTJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DKOBWGA4TCNZQHAZTCMJVHA3TMOJRG42DIMZXGQZDAMBQKYYTAJTWONUWIPJTGEYTKOBXGY4TCNZUGQZTONBSGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJTG52WMV3KPJEUSVDEJVMWIRZZGEWWOTJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DKOBWGA4TCNZQHAZTCMJVHA3TMOJRG42DIMZXGQZDAMBQKYYTAJTWONUWIPJTGEYTKOBXGY4TCNZUGQZTONBSGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=37ufWjzIITdMYdG91-gM&refUrl=&type=zem&vid=85860917083115876917443742000V10&vsid=3115876917443742000V10
Request Chain 397
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
Request Chain 406
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V0ANedu8SimUwubjpPpCTQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V0ANedu8SimUwubjpPpCTQ
Request Chain 407
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKRDJPOEYtMjItTTlJVw==
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIOPLYFqPqNgfT68EDAfu7E&google_cver=1
Request Chain 409
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=&expires=30
Request Chain 410
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJD2O8F-22-M9IW
Request Chain 411
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDYzZTk5MWJkNDdlMDhjODE1ZDAyYjZlZjFiZDlkNmNhMDg1MDA3ZQ
Request Chain 412
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1ew6hE_bNeIEyQdw2tm6_cn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5435956436937066325
Request Chain 413
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 418
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 421
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6748777306024888295
Request Chain 422
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FqOoCRZH3JG7ifdJRGaA2WiG
Request Chain 423
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FqOoCRZH3JG7ifdJRGaA2WiG
Request Chain 424
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668586092543 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=593116797 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a305cbb0-ee0e-46fb-b1a3-d86687548c2e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
Request Chain 425
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=2018808912878082124
Request Chain 427
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34449%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dfe1107db-7394-4f0e-ab1c-cfe84ec1bbba%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Request Chain 428
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
Request Chain 430
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
Request Chain 432
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&expiration=1671178093&gdpr=0&gdpr_consent=
Request Chain 433
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3Saa33QhgtoJZ4KQlomnwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHZgZKNaEKEJBtc6VhSBpik&google_cver=1
Request Chain 434
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENvYvX3LJafRrcmWAYSEZ9w&google_cver=1
Request Chain 435
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB&dcc=t
Request Chain 438
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3Saa33QhgtoJZ4KQlomnwAA%264729?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3Saa33QhgtoJZ4KQlomnwAA%264729
Request Chain 439
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6748777306024888295
Request Chain 441
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6748777306024888295
Request Chain 442
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2809913597948024367
Request Chain 443
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3SabAAAARgOjQA7 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3SabAAAARgOjQA7&_test=Y3SabAAAARgOjQA7
Request Chain 444
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB
Request Chain 445
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&expiration=1671178093&gdpr=0&gdpr_consent=
Request Chain 446
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3Saa33QhgtoJZ4KQlomnwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHZgZKNaEKEJBtc6VhSBpik&google_cver=1
Request Chain 447
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=37ufWjzIITdMYdG91-gM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2MZXOVTFO2T2JFEVIZCNLFSEOOJRFVTU2 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2MZXOVTFO2T2JFEVIZCNLFSEOOJRFVTU2 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=37ufWjzIITdMYdG91-gM
Request Chain 448
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=12fk59hweldx
Request Chain 452
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhH97OM5U1kQuYyWFYjCwDje21qRI-mieJQ
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDKk8FDKKHa7yBNkVk-xC68&google_cver=1
Request Chain 455
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
Request Chain 456
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LAJD2O8F-22-M9IW&gdpr=0
Request Chain 457
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6748777306024888295
Request Chain 459
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3999078817453058114
Request Chain 460
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RkHofUhu6JrrBlqZN228b_WLYPJfzazxMOTfM2qWRS4
Request Chain 461
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6283F2D0-C982-4E1F-8433-BF8A6CE93024&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VyX3iGRE2uUIy9uW7V4x.ZDMvgUuVDU-~A&gdpr=0&gdpr_consent=
Request Chain 462
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
Request Chain 463
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
Request Chain 464
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=652bab48-9cce-4cc9-a1c8-5d71394c1333&ssp=onetag&gdpr=0&gdpr_consent=
Request Chain 468
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
Request Chain 469
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y3SabAAIfH-SGwAO HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3SabAAIfH-SGwAO&gdpr=0&gdpr_consent=&_test=Y3SabAAIfH-SGwAO HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 470
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xu2f6jv3qwz HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 471
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rQxK66JeS-m2BkTmqlpQ7KMGSuy2W0S5-ln__IdE
Request Chain 472
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6748777306024888295&gdpr=0&gdpr_consent=
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YoPy0MmCTh-EM7-KbOkwJA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 475
  • https://idsync.rlcdn.com/420486.gif?partner_uid=6283F2D0-C982-4E1F-8433-BF8A6CE93024 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=99e8776a3ef33667a865de8342480748de4c7ce3cb178c435c68220b23808853791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5OWU4Nzc2YTNlZjMzNjY3YTg2NWRlODM0MjQ4MDc0OGRlNGM3Y2UzY2IxNzhjNDM1YzY4MjIwYjIzODA4ODUzNzkxNDI2YjU0MTdkY2UyMRAAGgwI7bTSmwYSBAgCEABCAEoA
Request Chain 476
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=914f6374-9a69-4800-af7f-7b69775be572
Request Chain 477
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjI4M0YyRDAtQzk4Mi00RTFGLTg0MzMtQkY4QTZDRTkzMDI0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 478
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMtAY0Ia_-RBw_-MTDgO2WQ&google_cver=1
Request Chain 479
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8F8DDC3F656A478BB8086C577919FB8F
Request Chain 481
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
Request Chain 484
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6748777306024888295
Request Chain 485
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_ce0d04e8-0948-49c8-8420-406e295700c3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=OLrMvzfozb0jsMKyP-zWuDawzLgj7cLtb-_FvIOQ HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=652bab48-9cce-4cc9-a1c8-5d71394c1333
Request Chain 487
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_ce0d04e8-0948-49c8-8420-406e295700c3&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=37ufWjzIITdMYdG91-gM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MZXOVTFO2T2JFEVIZCNLFSEOOJRFVTU2JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MZXOVTFO2T2JFEVIZCNLFSEOOJRFVTU2JTVONPXA4TJOZQWG6J5GEWS2LI
Request Chain 488
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3713545615 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a305cbb0-ee0e-46fb-b1a3-d86687548c2e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
Request Chain 489
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=88g70psShSQ2&ev=1&pid=558355
Request Chain 491
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=5e82ff71-0cf2-4c62-9272-e02f01cee088
Request Chain 500
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
Request Chain 501
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
Request Chain 502
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y3SabQAAAYTuAgAr HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y3SabQAAAYTuAgAr&gdpr=0&gdpr_consent=&_test=Y3SabQAAAYTuAgAr
Request Chain 505
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y3SaacCo5sIAAEp3HzsAAAAA
Request Chain 507
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y3Saa33QhgtoJZ4KQlomnwAA%264729
Request Chain 509
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 512
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=nlhkNJEKZTaFUmo5mQ5-M5BSZDOFD2pmyQ328MSp
Request Chain 513
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=7448250904070072569&gdpr=0&gdpr_consent=
Request Chain 514
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
Request Chain 515
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y3Saa33QhgtoJZ4KQlomnwAA%264729
Request Chain 516
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g7a9875c727791309c1b&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 519
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=e9a6b5b594998abf15a34e037e0cbe0b
Request Chain 521
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A&gdpr=0&gdpr_consent=
Request Chain 522
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6283F2D0-C982-4E1F-8433-BF8A6CE93024&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VyX3iGRE2uUIy9uW7V4x.ZDMvgUuVDU-~A&gdpr=0&gdpr_consent=
Request Chain 542
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Request Chain 543
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 545
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LAJD2O8F-22-M9IW HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAJD2O8F-22-M9IW
Request Chain 549
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GkD5TnA7_i4jjRVwjRvo01z74FcHRctrNUCwlpCPpJs
Request Chain 551
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=1&gdpr_consent=
Request Chain 553
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6748777306024888295

557 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
www.bg3.co/a/ 		58 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e72258a869ee64d7996fee5404117c0e3de182080478d854c1239cce87d38851

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Nov 2022 08:07:58 GMT
ETag
"e660-ZRfv51dIkab66Dm+2x9Bwq0IzfA"
Expires
Wed, 16 Nov 2022 09:07:58 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 16 Nov 2022 08:07:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72561
x-xss-protection
0
server
sffe
etag
"8982a451fc00c1b3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Nov 2022 08:07:59 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 16 Nov 2022 08:08:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9664
x-xss-protection
0
server
sffe
etag
"6079829c87823654"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Nov 2022 08:08:02 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 16 Nov 2022 08:07:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7578
x-xss-protection
0
server
sffe
etag
"1ef491f2ce412f6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Nov 2022 08:07:59 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 16 Nov 2022 08:07:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31953
x-xss-protection
0
server
sffe
etag
"eddf6e9f984d26cc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Nov 2022 08:07:59 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-hk/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3175
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44539
last-modified
Thu, 27 Oct 2022 03:12:33 GMT
server
cloudflare
etag
"6359f721-adfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NWbxoYS7zX%2Bwe%2BixjVWlTXyYuwXGgzyB0mt8%2FlvCxkk8kLoQMBj6kSqmbmS6ohP55BlOZGIAfz8QQ4Ko8NTkivlEXIvIblCt%2BDCY69sUTqiGk1jecX1uCEoZf6D5csXng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76aebc78aa58aad8-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 08:08:00 GMT
content-encoding
br
last-modified
Wed, 16 Nov 2022 07:00:37 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=107, origin; dur=825
x-cf-geodata
NZ
content-length
9035
expires
Wed, 16 Nov 2022 09:08:00 GMT
adpushup.js
cdn.adpushup.com/42753/ 		867 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 08:07:59 GMT
content-encoding
br
last-modified
Thu, 03 Nov 2022 17:05:29 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=109
x-cf-geodata
NZ
content-length
194623
expires
Wed, 16 Nov 2022 09:07:59 GMT
5d9eb2e9bde601ec6c78552a61dfb279.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/5d9eb2e9bde601ec6c78552a61dfb279.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9ac1baf7d01dd3adbb332582e7dab148.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/9ac1baf7d01dd3adbb332582e7dab148.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bee77bc2845391d5a3bc63943213379e.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/bee77bc2845391d5a3bc63943213379e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
089647b39a8806ee4807bfd16614266b.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/089647b39a8806ee4807bfd16614266b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
45b831a1c42cded29273418753f5ab06.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/45b831a1c42cded29273418753f5ab06.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
63c3d4f22dbc75c135eacf653472c7d1.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/63c3d4f22dbc75c135eacf653472c7d1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9470e70b4b75c2a80dd4fa88b385f3aa.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9470e70b4b75c2a80dd4fa88b385f3aa.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
5595ee6cece79904d433cfd510001a91.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/5595ee6cece79904d433cfd510001a91.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
96f9b96b296ca08728af83df67f81cc2.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/96f9b96b296ca08728af83df67f81cc2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
226be64d066084cadbdfc691ea70c073.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/226be64d066084cadbdfc691ea70c073.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7a801ebd356622e389d3a8311f6ad4d8.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/7a801ebd356622e389d3a8311f6ad4d8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0855ee8168b0de814f7b31b06063c244.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0855ee8168b0de814f7b31b06063c244.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
896b63edf8d35c2d9751432932f011a9.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/896b63edf8d35c2d9751432932f011a9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
744412612447135dd06e54f850a68371.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/744412612447135dd06e54f850a68371.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7bc2cfeff8eadb0122ecd0b79361ac17.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/7bc2cfeff8eadb0122ecd0b79361ac17.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
417700b79aa68bf6fded8b9cee705c05.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/417700b79aa68bf6fded8b9cee705c05.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
5de545face37de1cbcf0a2f0fdbf1067.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5de545face37de1cbcf0a2f0fdbf1067.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
794554744e87bda0ac7751f24222a83c.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/794554744e87bda0ac7751f24222a83c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1a91352d2d72896de7313e0e98cd79e5.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1a91352d2d72896de7313e0e98cd79e5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
add2215e4a199d6e0176dcd88de1df5e.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/add2215e4a199d6e0176dcd88de1df5e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
de58794547bfc80fd6f813ef0b241736.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/de58794547bfc80fd6f813ef0b241736.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3acdd6cf515f86d90527c3d114dd515a.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/3acdd6cf515f86d90527c3d114dd515a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b61c883cb5f0da9ee430e57e239b0268.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b61c883cb5f0da9ee430e57e239b0268.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
43576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2991
x-xss-protection
0
server
sffe
etag
"413d5b5eb26df1c9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
43576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23066
x-xss-protection
0
server
sffe
etag
"1b79e24071ca714c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		5 KB
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
839ae361d476afc38b42db367a9d014371e2eb9bd444cb089608b0de69cf1dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
529
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
43576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3936
x-xss-protection
0
server
sffe
etag
"2e876f41249f1a45"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
620 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6387
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKd5stZzcPCPRS8cIZ4P%2BvzFQFMK1zOl7inD%2BSfkUs9fKBdth6YRK4MdC5VAyEnDA4WrQtFLj1RByxfvZkYwaN1V9huJv%2BaiJJjyriPjZsVtad5JSQWj6s%2Fi5%2BS7kIr3zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
76aebc7a8d37aad8-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
4613bb4f7d48662c9e73eab55b9472acf5297f231427a56b2e7d5f05c9ee7d2e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:01 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
4613bb4f7d48662c9e73eab55b9472acf5297f231427a56b2e7d5f05c9ee7d2e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:01 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		412 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.27552131791460766&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:00 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
412
ad_request
ads.aralego.com/ 		412 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.4261389342176034&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:01 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
412
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:02 GMT
content-encoding
gzip
x-sp-metadata
HS256.CPLQ0psGEogBCiQ4OWNiM2Q3OS0zZTdiLTQzYTMtOTBhNC01NDlhNzYzMzk2N2UQ6JCNkN3O+gIaBgjitNKbBiINMTE2LjkwLjc0LjE5NyjOgQMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGU3OThkZDJjLThlMDgtNDIzNC04NDQ1LTBiZDgwNzhkMDAwZBib8QE=.NXeZ6kksRUpOWNKmVgf9V95hV9W3bjDBONNGRpcpCyc=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1668586082.dop212.la3.t,1668586082.cds241.la3.hn,1668586082.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:02 GMT
content-encoding
gzip
x-sp-metadata
HS256.CPLQ0psGEogBCiQxZTQwY2M4Ni03MTdjLTQ5MzItODQ1NS04NDA2NDljMmE5NjgQ6JCNkN3O+gIaBgjitNKbBiINMTE2LjkwLjc0LjE5NyjOgQMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDM4N2Q1NmZkLWRmZGMtNDNhOS05MDA1LWRmOWVhNjViODMyMhi46QE=.cQj4SF4uVSvDAcMTw6mFGvpptEWgjGkwD+SAMWBVzz0=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1668586082.dop212.la3.t,1668586082.cds241.la3.hn,1668586082.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
init.js
cdn.holmesmind.com/js/ Frame 3588 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Wed, 16 Nov 2022 08:07:17 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
46
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
P5iVWvj0g2Hu--jn01QgTKe6UmCd-ymh3mnbD963zv1L6a3oc-1-0w==
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
43576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10255
x-xss-protection
0
server
sffe
etag
"4d52d329cbd34968"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
gtag.json
cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:02:05 GMT
age
43556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"f8777e0f4a2af1a5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:02:05 GMT
init.js
cdn.holmesmind.com/js/ Frame 909B 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Wed, 16 Nov 2022 08:07:17 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
46
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
k7hSIlKPZ5PjPUYVny30r8zSvGeQctbJRUFlyMYm5kLD6JczfEyw0A==
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 769E 		714 B
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
930
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76aebc814a7b55bd-SYD
content-encoding
br
content-type
text/html
date
Wed, 16 Nov 2022 08:08:01 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAoyA4VQPCsBCyLFdKu6Pre2N%2FHd8Q4uLNaRa1EUSuyFRO27bgRzXfSdH49ek7aXN9W68tuus7SUsHR07OcRNBghMraw8GX4QVB%2FPCEFG6TV3NKbAXtcL%2BXy%2FPtM0zCmQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:02 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame E506 		714 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
930
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76aebc816a9655bd-SYD
content-encoding
br
content-type
text/html
date
Wed, 16 Nov 2022 08:08:01 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubSVHdjcJhDALBvPrlUfM7ksCyu7S2asol3IZMVQ4Gm5yLkxqo3vJL%2BbVWS9hRB%2FW8O92p5TLoTMtov7UNgrCyFme4Z31D0RmliIJK524a41iOxLcjPhZjAYxe4w%2BF1%2B7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 769E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
14c993237d4dd4abe952f398aae78375e76629f22f6d51a910e194be4a373e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27216
x-xss-protection
0
server
sffe
etag
"1393 / 712 of 1000 / last-modified: 1668553677"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Nov 2022 08:08:02 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E506 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
14c993237d4dd4abe952f398aae78375e76629f22f6d51a910e194be4a373e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27216
x-xss-protection
0
server
sffe
etag
"1393 / 944 of 1000 / last-modified: 1668553677"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Nov 2022 08:08:02 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 16 Nov 2022 08:08:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:10:34 GMT
age
43048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57837
x-xss-protection
0
server
sffe
etag
"23f3142da2c5be06"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:10:34 GMT
pubads_impl_2022111001.js
securepubads.g.doubleclick.net/gpt/ Frame 769E 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28522
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132474
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 09:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 00:12:41 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%A7%81%E5%AF%86%E8%99%95%E5%88%86%E6%B3%8C%E7%89%A9%EF%BC%8C%20%E5%8E%9F%E4%BE%86%E9%80%99%E6%A8%A3%E6%98%AF%E7%95%B0%E5%B8%B8%E7%9A%84%EF%BC%8110%E7%A8%AE%E5%AF%A6%E7%94%A8%E4%BF%9D%E5%81%A5%E6%B3%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-8Twq7C3_VFemPe13nrkhFA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.2911912072568481&gjid=0.7799155887756557&_r=1&a=5158&z=0.2727704328865561&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-41239213303798795131.ampproject.net/2211042305000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-41239213303798795131.ampproject.net/2211042305000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pubads_impl_2022111001.js
securepubads.g.doubleclick.net/gpt/ Frame E506 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28522
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132474
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 09:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 00:12:41 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 2043 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
17
content-length
4730
content-type
text/html
date
Wed, 16 Nov 2022 08:08:02 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
x-amz-cf-id
uREEvHEGIiitLksGfBw-ibmop35IFZxQiJ6HNBHcvrYeCuZAN16MMg==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 3588 		662 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:07:13 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
51
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
9p4gfDM0y4fMQSfeaK9c7eTqfAv0aVj4qK_l34ILImbN9vi8dRxuEw==
presetfn.js
cdn.holmesmind.com/js/ Frame CA6F 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Wed, 16 Nov 2022 08:07:41 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
22
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
KsOU_oMJqTSGCq6xU0J48jqPpD4Vi7wfS2ENZzONIVZKlSuyXf82uA==
capmapping.htm
cdn.holmesmind.com/js/ Frame FFC1 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
17
content-length
4730
content-type
text/html
date
Wed, 16 Nov 2022 08:08:02 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
x-amz-cf-id
KdTcHZnvMsNVXo2toleN-W7h3qJBfdEediaVJVJvLrL-z-apzIQrAw==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 909B 		662 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:07:13 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
51
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
eXdUi5rtUykyW1tPTPSRE1rFPy1w7smykRgPBDUHTGctGu8rKB69Zg==
presetfn.js
cdn.holmesmind.com/js/ Frame 8510 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Wed, 16 Nov 2022 08:07:41 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
22
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
eARXvgAGCOcOLgBaeUYe4c-O-0Vg1YOzXaB37t008OoNXhKHU01rXg==
cm.php
fcm.holmesmind.com/ Frame 7F76 		332 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 08:08:12 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame 2043 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:03 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 16 Nov 2022 08:18:03 GMT
cm
c.holmesmind.com/ Frame 2043
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 16 Nov 2022 08:08:04 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame CA6F 		1 KB
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14006
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-93.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:59:43 GMT
content-encoding
gzip
via
1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
500
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
x-amz-cf-id
7gu_6PnZDfL3DmGUZi86hiHk1PInX1Nnnr68cR59uIWS5z9tTWbgxw==
cm
c.holmesmind.com/ Frame FFC1
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 16 Nov 2022 08:08:04 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame 2E6A 		332 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 08:08:09 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame FFC1 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:03 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 16 Nov 2022 08:18:03 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 8510 		1 KB
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14006
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-93.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:59:43 GMT
content-encoding
gzip
via
1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
500
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
x-amz-cf-id
Epq5NGEvyCVFPn8KKF2p4s6r93VLd4OUspP0skggKmdbdkQSHD0GSg==
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1668586083301
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 08:08:03 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=10
accept-ranges
bytes
content-length
631
expires
Wed, 16 Nov 2022 09:08:03 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=83
content-length
94168
expires
Thu, 16 Nov 2023 08:08:04 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-length
211
expires
Thu, 16 Nov 2023 08:08:04 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 08:08:05 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=41, origin; dur=420
content-length
17440
expires
Wed, 16 Nov 2022 09:08:05 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
14c993237d4dd4abe952f398aae78375e76629f22f6d51a910e194be4a373e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27216
x-xss-protection
0
server
sffe
etag
"1393 / 805 of 1000 / last-modified: 1668553677"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Nov 2022 08:08:03 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:04 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2Njg1ODYwODM3MTMsInBhY2tldElkIjoiMDAwMEE3MDEtMGIzZjcyMjItOWQ2OC00ODgyLTg1MjUtOGYzMTdjMTAzNTdkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NpLW1pLWNodS1mZW4tbWktd3UteXVhbi1sYWktemhlLXlhbmctc2hpLXlpLWNoYW5nLWRlLTEwY2hvbmctc2hpLXlvbmctYmFvLWppYW4tZmEuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=6847
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2Njg1ODYwODM3MTQsInBhY2tldElkIjoiMDAwMEE3MDEtMGIzZjcyMjItOWQ2OC00ODgyLTg1MjUtOGYzMTdjMTAzNTdkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NpLW1pLWNodS1mZW4tbWktd3UteXVhbi1sYWktemhlLXlhbmctc2hpLXlpLWNoYW5nLWRlLTEwY2hvbmctc2hpLXlvbmctYmFvLWppYW4tZmEuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=6847.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njg1ODYwODM3MTQsInBhY2tldElkIjoiMDAwMEE3MDEtMGIzZjcyMjItOWQ2OC00ODgyLTg1MjUtOGYzMTdjMTAzNTdkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NpLW1pLWNodS1mZW4tbWktd3UteXVhbi1sYWktemhlLXlhbmctc2hpLXlpLWNoYW5nLWRlLTEwY2hvbmctc2hpLXlvbmctYmFvLWppYW4tZmEuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19&c_b=6848
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
1189
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Wed, 16 Nov 2022 12:08:04 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njg1ODYwODM3MjAsInBhY2tldElkIjoiMDAwMEE3MDEtMGIzZjcyMjItOWQ2OC00ODgyLTg1MjUtOGYzMTdjMTAzNTdkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NpLW1pLWNodS1mZW4tbWktd3UteXVhbi1sYWktemhlLXlhbmctc2hpLXlpLWNoYW5nLWRlLTEwY2hvbmctc2hpLXlvbmctYmFvLWppYW4tZmEuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=6853.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njg1ODYwODM3MjMsInBhY2tldElkIjoiMDAwMEE3MDEtMGIzZjcyMjItOWQ2OC00ODgyLTg1MjUtOGYzMTdjMTAzNTdkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NpLW1pLWNodS1mZW4tbWktd3UteXVhbi1sYWktemhlLXlhbmctc2hpLXlpLWNoYW5nLWRlLTEwY2hvbmctc2hpLXlvbmctYmFvLWppYW4tZmEuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=6856.89999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0439 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-90762489445132849&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3462&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=87313005158&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&ga_hid=5158&dt=1668586082938&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&bdt=4519&dtd=794&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:04 GMT
expires
Wed, 16 Nov 2022 08:08:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 769E 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 769E 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 769E 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1321784938764589&correlator=1889314455623208&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668586083809&lmt=1644386353&dlt=1668586081606&idt=2176&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=qq0ndggpg4kf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=75492847.1668586084&ga_sid=1668586084&ga_hid=1732788317&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
95bdea58ff69ee6eb1f597ed9fc0b1de4cb3eb78b77e6d75c8b448f293daf2db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
40b6da1645e64147d6f7c35bda4143df.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7BB3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40b6da1645e64147d6f7c35bda4143df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:04 GMT
expires
Thu, 16 Nov 2023 08:08:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads.js
ad.holmesmind.com/adserver/ Frame CA6F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&n=230&o=1&d=1&b=2&ts=1&ii=2&FPCK=6902-gHTlrNNUXmF8MQPhl5xfwGyImbmw15qO&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.87.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-87-8.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aa76dd015baf6525e2717fc75cac917cb6ff47e37419a721e382618e66818ac6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame CA6F 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:07:59 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
6
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
pA-HW0YcCsMKEept5SXr-_ZoOhX6MpWpC68ctBikLqqnY4e9xJKWtw==
publishertag.js
static.criteo.net/js/ld/ Frame CA6F 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 17 Nov 2022 08:08:04 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame CA6F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:07:54 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
10
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
Nqcvo_UhZ2qxSIGuj57RkKiSk3VlZb2AebZRlJaTcXOrdpyUfxKFZg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame CA6F 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:07:33 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
32
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
D3X7KhEx_tHea_5XkLw28zl4_qaYa_ZW0pqLzJB2Jim0C_2k96kL_g==
appierV2.js
cdn.holmesmind.com/js/ Frame CA6F 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:07:56 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
9
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
orIMqJnplDu_JynJmQOs7a_hsjDeO6icHN7d9TVx9NBZAnJIxYrdJw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame CA6F 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Wed, 16 Nov 2022 08:07:56 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
9
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
4XY_piDoiWDPjlAgcyI0wXiqaw_BYI9S741jDoll2k9L18i1dM5Vhg==
ads.js
ad.holmesmind.com/adserver/ Frame 8510 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&n=794&o=1&d=1&b=2&ts=1&ii=2&FPCK=6902-gHTlrNNUXmF8MQPhl5xfwGyImbmw15qO&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.87.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-87-8.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3b1e123fa7a59f887749f1d077b789c560fd1ace3fe3233258acca0960177807

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 8510 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:07:59 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
6
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
Cmn9w1JJ6WN1EVydKsjoEhhGsgTofqgTo90OjEqLcaoHM4VW1FrOxw==
publishertag.js
static.criteo.net/js/ld/ Frame 8510 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 17 Nov 2022 08:08:04 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 8510 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:08:04 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
10
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
g_ijAgz_uwCkvb2sJGGXv2j6uP2NIIfDqCMINa9a5X6rMkCGftZpnw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 8510 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:07:33 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
32
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
-vShv0o1bYpzK7Mfpr7uXN1PUcVwI1KofCeY_iYPrYdZgDHClryo7g==
appierV2.js
cdn.holmesmind.com/js/ Frame 8510 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:07:56 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
9
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
l77Eo3P-SUvMRoBCZktPf4zJAlnmWcMU576zOgYuuC1eyFsEMz48nA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 8510 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Wed, 16 Nov 2022 08:07:56 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
9
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
EVXo77FAUIlejR7_s2CStUrE7forqBSK_kstVFvOHDQYKxstP0wHqQ==
integrator.js
adservice.google.co.nz/adsid/ Frame E506 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E506 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E506 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=427432321430001&correlator=2648123908437394&eid=44761478%2C44752586&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&didk=446648180&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668586084010&lmt=1644386353&dlt=1668586081614&idt=2388&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=gr8027vxnvzj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1786130706.1668586084&ga_sid=1668586084&ga_hid=2011824446&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
fe3c7ec526b387428a2493b4e8d799feaef879057164e9e5ab3055322f3dd7e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
92970b96c11ec10c9f747f8df2fc1dea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 507C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://92970b96c11ec10c9f747f8df2fc1dea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:04 GMT
expires
Thu, 16 Nov 2023 08:08:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022111001.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132474
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 09:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 00:12:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Wed, 16 Nov 2022 08:08:04 GMT
/
t.ssp.hinet.net/ Frame 2043 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
80da68138a2df0a4cd29367b005878c808ae3db9a778551a1f679c26a563574d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame FFC1 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
ddf6ed74e0df01a68599b97d617e93cf022a7d4d89442661dedca0b2b3c7bcd8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
landing.php
fp.holmesmind.com/ Frame BBBF 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=933-wRRS8LeNJ5cjrPnsjHeLX3cw9byQeVKz&CFFPCKUUID=6902-gHTlrNNUXmF8MQPhl5xfwGyImbmw15qO&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&maindomain=www.bg3.co
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 08:08:04 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame CA6F 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 16 Nov 2022 08:18:04 GMT
landing.php
fp.holmesmind.com/ Frame 1A41 		0
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=933-wRRS8LeNJ5cjrPnsjHeLX3cw9byQeVKz&CFFPCKUUID=6902-gHTlrNNUXmF8MQPhl5xfwGyImbmw15qO&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&maindomain=www.bg3.co
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 08:08:04 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 8510 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 16 Nov 2022 08:18:04 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame CA6F 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 16 Nov 2022 08:08:04 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame CA6F 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9625831287931843
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Nov 2022 08:08:05 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame CA6F 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5374541767311989
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Nov 2022 08:08:05 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame CA6F
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=F4j7polEDeawTFcYZZp0Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=F4j7polEDeawTFcYZZp0Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 08:08:05 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=F4j7polEDeawTFcYZZp0Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame CA6F
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=tHBSeXvHCJ2pZwBIZZp0Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=tHBSeXvHCJ2pZwBIZZp0Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 08:08:05 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=tHBSeXvHCJ2pZwBIZZp0Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame CA6F
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Y4mntHZmClyi1tVQZZp0Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Y4mntHZmClyi1tVQZZp0Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 08:08:05 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Y4mntHZmClyi1tVQZZp0Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 8510 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 16 Nov 2022 08:08:04 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 8510 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7435015765935269
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Nov 2022 08:08:05 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame 8510 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5333053709309288
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Nov 2022 08:08:05 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 8510
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=AS869s0EAOi_M8qbZZp0Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=AS869s0EAOi_M8qbZZp0Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 08:08:05 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=AS869s0EAOi_M8qbZZp0Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 8510
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=5o-8IJB8AgK7fiMVZZp0Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=5o-8IJB8AgK7fiMVZZp0Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 08:08:05 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=5o-8IJB8AgK7fiMVZZp0Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 8510
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=prfpfioaCUCQW4suZZp0Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=prfpfioaCUCQW4suZZp0Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 08:08:05 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=prfpfioaCUCQW4suZZp0Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 8510
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=1ym1LQtuBXCBmIbSZZp0Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=1ym1LQtuBXCBmIbSZZp0Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 08:08:05 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=1ym1LQtuBXCBmIbSZZp0Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 8510
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=efYXQIJgDpCxp_5DZZp0Yw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=efYXQIJgDpCxp_5DZZp0Yw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 16 Nov 2022 08:08:05 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=efYXQIJgDpCxp_5DZZp0Yw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
/
t.ssp.hinet.net/ Frame CA6F 		36 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
dfba51e1a3dd938ef659716376199cdac72bebf340d80e7e5793a8a55b405a3d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 8510 		36 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
dfba51e1a3dd938ef659716376199cdac72bebf340d80e7e5793a8a55b405a3d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/getconfig/ Frame 769E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
2f5d50507085a96531fbecdaf80f523275621542620c4a77381ddefb5bc36665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12429
x-xss-protection
0
drawV2.js
cdn.holmesmind.com/js/ Frame 8510 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&n=794&o=1&d=1&b=2&ts=1&ii=2&FPCK=6902-gHTlrNNUXmF8MQPhl5xfwGyImbmw15qO&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:07:49 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
15
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
popuBWYyK2K3qALYZraLhHz3gP0woHFtOUyls-QSmapo6mrocgfPaQ==
emome2
t.ssp.hinet.net/ Frame CA6F 		30 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=8fc5bb7b-95f9-4b29-b30e-a9efc2ad2d23
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame CA6F 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&n=230&o=1&d=1&b=2&ts=1&ii=2&FPCK=6902-gHTlrNNUXmF8MQPhl5xfwGyImbmw15qO&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 16 Nov 2022 08:07:49 GMT
via
1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
15
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
opFBk5yWCINDcu7gYkGmtdOJTWkyfiiaiIx_8re9buHEyfV3_-_Pgg==
sodar
pagead2.googlesyndication.com/getconfig/ Frame E506 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
5b9d480de80672f10fcf85c4f718d224e6ef92ca908fcb2ab281c0e1af46e3f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12554
x-xss-protection
0
cm
t.ssp.hinet.net/ Frame CA6F 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=933-wRRS8LeNJ5cjrPnsjHeLX3cw9byQeVKz&mp=8fc5bb7b-95f9-4b29-b30e-a9efc2ad2d23
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
8fc5bb7b-95f9-4b29-b30e-a9efc2ad2d23.t.ssp.hinet.net/ Frame CA6F 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8fc5bb7b-95f9-4b29-b30e-a9efc2ad2d23.t.ssp.hinet.net/pixel?bd=8fc5bb7b-95f9-4b29-b30e-a9efc2ad2d23&t=50ef57&referrer=https%3A%2F%2Fwww.bg3.co
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cdb
bidder.criteo.com/ Frame CA6F 		177 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=64452857066
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
eab106d6ee70b0701ec324df38541deb3fffd7f5f07ec6c1e7e78a765cea6c9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
cdb
bidder.criteo.com/ Frame CA6F 		177 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=5119826228
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
bae1aa292dc7206226ef5b9cdb55d41a9fb35154e9217657f2c95f9afb4c342e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d3eb4ba7978b0c89ef74df200f23f3fd1f4eddc5889a9976cdb9aebef14ec67e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
content-encoding
gzip
etag
"dGMVEkJqMDGUKmTNQCF+Mg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 23 Nov 2022 08:08:05 GMT
cdb
bidder.criteo.com/ Frame 8510 		177 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=49919261240
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f033b14ac8b9383d2a41767657156498db3adc2d25258efc822cefb7eedc94df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Nov 2022 08:08:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
cdb
bidder.criteo.com/ Frame 8510 		177 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=82619159571
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e74f669bd829be45d45165e47dbd129e3bdbfce07c573ec94211d072c7bf5a1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
162
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 769E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 08:08:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E506 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 08:08:05 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221116
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be946869936f642674f2073b89f18c15e1e1db3c37b48470fb87335e861bc920
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18307
x-jsd-version
1.0.1525
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4551-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-ZMuZpSN/SODwIlE9UGDBmWvTtLo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQO2UdII%2BhB7Vf4emnfdU80PldTzE1hADYTc8zfMPEi3WNcK1h86Nl9VVNHXWTcD8OPIinyRJ%2BWJHUClx37Sj50CyE4VYvi3yyqoDMRertIcml3E64DtppcWGuIJM%2BJS04A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76aebc9d0bcda973-SYD
adreq
ads.servenobid.com/ 		717 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3740
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:06 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 16 Nov 2022 08:08:06 GMT
auction
tlx.3lift.com/header/ 		25 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.135.113 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-135-113.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef4b583c4b292fd9a15a1fce0af1a41c4216af6a6a64c056e6de0e8f39ef8c27
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:06 GMT
content-encoding
gzip
accept-ch
sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
8877
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=9373975009
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
89aad8f50f137d35f2b7b49e6ad90f29a573e04337f0a61547e857a56cb2e17f

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Nov 2022 08:08:06 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
arj
adpushup-d.openx.net/w/1.0/ 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7539ff30-e352-4c58-ba5b-ef90320bd5a9%2C79c809b5-a5fb-4a20-ba63-5659aa18a0ee%2Cc46cf449-3b3d-4284-ba51-d0609ad9313f&nocache=1668586085605&pubcid=7a136458-8d60-4bc3-afdf-382aadb9d233&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
dcd6224108230aec446f13cd6b484c803211bf494084773556a30a91479bcbe4

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:06 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4767
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d14309bf-639f-455e-9b8b-e84363f6c466&nocache=1668586085606&pubcid=7a136458-8d60-4bc3-afdf-382aadb9d233&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:06 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cc1b427f-39bc-4ee4-9ee4-84214ccd976b&nocache=1668586085606&pubcid=7a136458-8d60-4bc3-afdf-382aadb9d233&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:06 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a915ed44-319b-439b-a198-f5d0e6578ac2&nocache=1668586085606&pubcid=7a136458-8d60-4bc3-afdf-382aadb9d233&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:06 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		376 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e05fefda78071d16d99a6dc741beb79ddfb319a09cdf44de460961ac5d8844a0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:06 GMT
AN-X-Request-Uuid
03913935-272d-467a-b5a1-91deb2cae619
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
376
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Wed, 16 Nov 2022 08:08:06 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.5.119 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-5-119.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
522a32b55b17792e9e619821a38211d6bfe506c81dd75baa6a5a12732efced71

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:07 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.5.119 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-5-119.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
026bffe13ada672844309676b4fc96968f5c8e4f15d478ff064416b16069bf83

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:07 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.5.119 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-5-119.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6c55a2eeab76b7ba07ede1009a37794e6907b1fc0b94df2f67afc72388b1e59a

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:07 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=7a136458-8d60-4bc3-afdf-382aadb9d233%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=322aeb09-cf77-47bf-8734-944f2fe41ee9%3Ba3f1f328-57ef-488a-9f05-e8bc8ef139fb%3B6ff3b0d5-958f-4b71-8680-dfd3c09b96ed&l_pb_bid_id=49d656dbb94172c%3B50f778583e7a319%3B51557cf2e8a4c38&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.3000038919208956
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
213d9ae144d1afc40c8f967b9489cffbd280abac0512d461f0f6c945a929fc06

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:06 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fb7695ab4030c30f85825fe0c84e612c7c755db1ebb442f8316aad6efccbbf9b

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:06 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
98
alt-svc
clear
expires
Wed, 16 Nov 2022 08:08:06 GMT
cygnus
htlb.casalemedia.com/ 		37 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2256659759ad84f5f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2263bbb910bd49a9c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2266b394c9af9c46f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22672ef7bf7d1de89%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227a136458-8d60-4bc3-afdf-382aadb9d233%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8260f4549e1b95322f11e02dc3872950de2b71f3b12d716317f5f9e543a02f18

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCsVl3wihu24x9JpQvJtGFBvUtrla78HuXp7vGYoQS7wTugsXwdGqX9ADa9k18zMUu8OCJLpLQBCct5ulJXC4OJLaltgDvaNiIbsGFNsj1LBRq9ryVySGWvIjtBriAcUHJaob589"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76aebc9d1f27fb7c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2256659759ad84f5f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2266b394c9af9c46f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22672ef7bf7d1de89%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227a136458-8d60-4bc3-afdf-382aadb9d233%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8260f4549e1b95322f11e02dc3872950de2b71f3b12d716317f5f9e543a02f18

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BpZeAxJm9JCdXH9Os3UUSC0oYfec9D9DGHAgrM3y6znkNrQQEJ4%2Fp0%2BDH1Zggcc4ykOuTvBZY1pmTXr7E0uD2%2FrtIZZddh44zo2tXvyRDk0B9Xe4fH6hlpkfos1ercMNIJl3B2e"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76aebc9d1f28fb7c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 934B 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
8c9227d7f994de902f7c5197a16ac999fb2a37a6906caf65b18c3efee8149a25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34254
x-xss-protection
0
server
cafe
etag
2434827272287017022
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 08:08:06 GMT
events
bidder.criteo.com/csm/ Frame CA6F 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 8510 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 8510 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2064 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
c18a525d02460dcbbf00a4f1c52440779150c20584e79e03c892a04189070c83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34247
x-xss-protection
0
server
cafe
etag
15876890856963578756
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 08:08:06 GMT
events
bidder.criteo.com/csm/ Frame CA6F 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Nov 2022 08:08:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-78.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 07:25:19 GMT
via
1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2568
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
DFfc7WaCTkJbrxuQRP8xSzvuB0ouT-q8J1p1aCT2n3EGyMLqAJvRsg==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7FC8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
80964
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 09:38:42 GMT
expires
Wed, 15 Nov 2023 09:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BB40 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
GSE /
Resource Hash
eaa4c358dc4bc1f7d9e69bbe3a811dbb0173b33a1a03ed9bf4537f8d3225e61c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YtFgi93NvnU6TzBJ94xISA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-YtFgi93NvnU6TzBJ94xISA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:06 GMT
expires
Wed, 16 Nov 2022 08:08:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 040F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
80964
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 09:38:42 GMT
expires
Wed, 15 Nov 2023 09:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FE4F 		783 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
GSE /
Resource Hash
c241581f081a69f1f23be04915a3271b27e7a64deda81dd6989aa048fd8a5145
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-09FVhvF8nqk7elZBh_79Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-09FVhvF8nqk7elZBh_79Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:06 GMT
expires
Wed, 16 Nov 2022 08:08:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel;r=1236456485;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html;uh=e51ed67dfb8d91dc24b15e2ace0c3...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1236456485;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1577351276-1668586085772;pbc=7a136458-8d60-4bc3-afdf-382aadb9d233;ns=0;ce=1;qjs=1;qv=4a00825e-20221110201859;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1668586086501;tzo=0;ogl=;ses=4ed35562-97f6-421f-ae9a-c44c8537eb85
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI2OTE5NjFfMTY2ODU4NjA4NjcyMCIsInVzZXJJZCI6IjE2Nzc3N18xNjY4NTg2MDg2NzIwIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNTk0NzI1XzE2Njg1ODYwODY3MjAiLCJwYWdlUGF0aCI6IiUyRmElMkZzaS1taS1jaHUtZmVuLW1pLXd1LXl1YW4tbGFpLXpoZS15YW5nLXNoaS15aS1jaGFuZy1kZS0xMGNob25nLXNoaS15b25nLWJhby1qaWFuLWZhLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGc2ktbWktY2h1LWZlbi1taS13dS15dWFuLWxhaS16aGUteWFuZy1zaGkteWktY2hhbmctZGUtMTBjaG9uZy1zaGkteW9uZy1iYW8tamlhbi1mYS5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6ImRlc2NyaXB0aW9uUGFnZSIsImV4cGVyaW1lbnRQYWdlIjp0cnVlLCJ0aW1lc3RhbXAiOjE2Njg1ODYwODY3MjF9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
server
nginx/1.14.0 (Ubuntu)
L2Evc2ktbWktY2h1LWZlbi1taS13dS15dWFuLWxhaS16aGUteWFuZy1zaGkteWktY2hhbmctZGUtMTBjaG9uZy1zaGkteW9uZy1iYW8tamlhbi1mYS5odG1s.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2Evc2ktbWktY2h1LWZlbi1taS13dS15dWFuLWxhaS16aGUteWFuZy1zaGkteWktY2hhbmctZGUtMTBjaG9uZy1zaGkteW9uZy1iYW8tamlhbi1mYS5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Wed, 16 Nov 2022 08:08:07 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=44, origin; dur=204
content-length
555
expires
Wed, 16 Nov 2022 09:08:07 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 7FC8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 04:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Nov 2023 04:46:22 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 040F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 04:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Nov 2023 04:46:22 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 2064 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
27b6a1a1b9fce1c609e64c20eae9ad7839a2209b110663d4d42368186fc309ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119603
x-xss-protection
0
server
cafe
etag
6341151266107442423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 08:08:06 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 934B 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
6348da6b652de2baefe437f72327f5bf10ed982630d4c0d092e627485169555d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119603
x-xss-protection
0
server
cafe
etag
14188585087142564408
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Nov 2022 08:08:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BB40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111001&jk=1321784938764589&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FE4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111001&jk=427432321430001&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7FC8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?sE0R8A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 040F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zs_cTA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
js
www.googletagmanager.com/gtag/ 		223 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
79277123809e51ee81022355e8135a77f5f173eb9d4b861121c6aba17f196975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78328
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Nov 2022 08:08:07 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9zaS1taS1jaHUtZmVuLW1pLXd1LXl1YW4tbGFpLXpoZS15YW5nLXNoaS15aS1jaGFuZy1kZS0xMGNob25nLXNoaS15b25nLWJhby1qaWFuLWZhLmh0bWwiLCJ0aW1lIjoxNjY4NTg2MDg3MzI1fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
server
nginx/1.14.0 (Ubuntu)
cookie.js
partner.googleadservices.com/gampad/ Frame 2064 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
1db1bed3d7eeaa51da932edf9982644f94bc4be5d06180bd26da220689235a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 2064 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2064 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7756 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
92087e6760d4136f17162bffdd822b9194598567897c8f40c599335786c0b0a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
12916
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:08 GMT
expires
Wed, 16 Nov 2022 08:08:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 934B 		379 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
4f04b5c83fea3f3eba3aa7ebb2e93bbb6bae3e3a357eb6390a7805e52799ee17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 934B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 934B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2ACC 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
4b23cb4468f2421440ab2fcfd445092a9e38cb56682b953bc83012a1bdf5edab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
12797
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:08 GMT
expires
Wed, 16 Nov 2022 08:08:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		97 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2169354092656924&correlator=3443009640318473&eid=31070747%2C31068366&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D77d5d4b0559c432%26hb_ap_bidder%3Dtriplelift%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D75f3b290141e929%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1668586087800&lmt=1668586087&dlt=1668586078419&idt=6478&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=287406375.1668586088&ga_sid=1668586088&ga_hid=5158&ga_fc=false&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
b4f3cae6beb63f925d4fb738f7d884ac1f5279a0646eda338c9b105a2fa15c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25502
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E6C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:07 GMT
expires
Thu, 16 Nov 2023 08:08:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=5158&cid=287406375.1668586088&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668586088&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&dt=%E7%A7%81%E5%AF%86%E8%99%95%E5%88%86%E6%B3%8C%E7%89%A9%EF%BC%8C%20%E5%8E%9F%E4%BE%86%E9%80%99%E6%A8%A3%E6%98%AF%E7%95%B0%E5%B8%B8%E7%9A%84%EF%BC%8110%E7%A8%AE%E5%AF%A6%E7%94%A8%E4%BF%9D%E5%81%A5%E6%B3%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2ED3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:07 GMT
expires
Thu, 16 Nov 2023 08:08:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=11691.699999809265&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJmYzc5OTkzMS05NTg5LTQ0MjMtYWQ1MS02ZGE3MTBkZWM2MDUiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTBiM2Y3MjIyLTlkNjgtNDg4Mi04NTI1LThmMzE3YzEwMzU3ZCIsImNvdW50cnkiOiJOWiIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2ODU4NjA4ODU1OH0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 16 Nov 2022 08:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame C6DD 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 23:08:01 GMT
age
32407
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 23:08:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C6DD 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 22:54:03 GMT
age
33245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 22:54:03 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C6DD 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 23:13:02 GMT
age
32106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 23:13:02 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C6DD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 23:07:34 GMT
age
32434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 23:07:34 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C6DD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 22:41:14 GMT
age
34014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 22:41:14 GMT
truncated
/ Frame C6DD 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7190818ec354818df8397595b2280323490e5c9473f99d9ed64399781aae8461

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
CC_Tyre_Centre_OCT_Our_Reviews_Speak_For_Themselves_EMEC_GDN_728x90.png
tpc.googlesyndication.com/sadbundle/8444619643638210031/ Frame C6DD 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8444619643638210031/CC_Tyre_Centre_OCT_Our_Reviews_Speak_For_Themselves_EMEC_GDN_728x90.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
51ea63533ada918dc8595d04b77e0249c4144a65f8c819061d8f76bc0bd07985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24109
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 04:36:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 16 Nov 2023 08:08:08 GMT
container.html
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F345 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:07 GMT
expires
Thu, 16 Nov 2023 08:08:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6DD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 21:19:53 GMT
x-content-type-options
nosniff
server
cafe
age
38895
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Wed, 16 Nov 2022 21:19:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6DD 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 10:20:07 GMT
x-content-type-options
nosniff
server
cafe
age
78481
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 16 Nov 2022 10:20:07 GMT
l
www.google.com/ads/measurement/ Frame C6DD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8lPisQ2BFzH6tWUHcv7iR0JFxVIrbr-QA1UD9VoI9-quSyskQ1o-VQrGK4iZaZ6a-9BLuYbKZm3GEtJuZh2TABsR9Rw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C6DD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C83StZ5p0Y4L0O7qB3LUPxaWs8A-vld6tbaySvuXFEP2Tt8nmMRABILqEwDNgq-yxheAYoAGDo6bNA8gBCakCo3SFPFyxpD7gAgCoAwHIAwiqBL4CT9CXbBQDnCOOa05N_Iz0M0Zye6QREG7mKNkEIfU9zj1gU16UDGRNuWsZhTF97YudHtv0UwHMVWa1k90sKiUpgcOkO_X5idVNoA7jF1m20n3V9GfXQ4GMXhTIZMv2NA9rqbV3SzIB-h3KjDybVxZYYdmoFsS0RoExayKsyJJdd3DO2FYF9XO8smqC83zMjLm5QlNKqO_0NstbZHL1oWJQugLv56HBQZgUklqI_qB6_EO4IBSnWQtGqnZwjP-iXnBSIz80K9bdSFvAYIzcE5ONwVmpOassAD4aVRD6FeiFR7csZZruBl0fhgOiU796GRqBX90hfcEPxASDKfSt1bs89LXiYvIG9RTwlOEIotAk2Jkfi6KyRJfSOfJWYbJsWmEACirmyA44y9jZ9E1AHTLPCJ2VcxkwXNdiI6i9KfJKwASStvTGlgTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH5dzZMqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIK8AdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=1x2cKt-ka4k&uach_m=[UACH]&cid=CAQSOwDq26N9e7kwnrDjKao8ReaTr7qS-UbSxWSzp_sF-8DIHUkqmbbM_BEgaNp8cYnCPXMcvpr4X24f69p_GAEgEw&template_id=419
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=11720.300000190735&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJmYzc5OTkzMS05NTg5LTQ0MjMtYWQ1MS02ZGE3MTBkZWM2MDUiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTBiM2Y3MjIyLTlkNjgtNDg4Mi04NTI1LThmMzE3YzEwMzU3ZCIsImNvdW50cnkiOiJOWiIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2ODU4NjA4ODU4N30%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 16 Nov 2022 08:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=11721.39999961853&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJmYzc5OTkzMS05NTg5LTQ0MjMtYWQ1MS02ZGE3MTBkZWM2MDUiLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwicGFja2V0SWQiOiIwMDAwQTcwMS0wYjNmNzIyMi05ZDY4LTQ4ODItODUyNS04ZjMxN2MxMDM1N2QiLCJjb3VudHJ5IjoiTloiLCJzaXRlSWQiOjQyNzUzLCJ0aW1lU3RhbXAiOjE2Njg1ODYwODg1ODh9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 16 Nov 2022 08:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
adview
googleads.g.doubleclick.net/pagead/ Frame CDE8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ch-vxaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoErwJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrzl_aPVac6OXYr2dzDObu_2fwGfNWsNfRhIYI7oeXcq42GwPIIWuABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=8ngRXy5MIJU&uach_m=[UACH]&cid=CAQSKQDq26N9wMw18YdKluwFdZab7EQzi4OOzEOTZ5Xv0P-PAIpjo9_n0fe6GAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Nov 2022 08:08:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame CDE8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k8z_FPz1BqwC-gFi-C0SAgAAACE5AQwCW-6IAHiIk2U3JEEQZ5p0YyNZYeOxPIz7Uc3WABIAAA&wp=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
205907
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 77E2 		51 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw&u=%7CblmW%2B78xYvO24PU1HIGV1U7CxfbgFPl3LU%2F4HOoIbxE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ6rMIWIpO3VPTJB-7wGvYWpdkgDChUYiXiEFK6UyuzkIpIwcpt8LJlclC9iAi5V4hYqRLeTnPUkgCaxtd-mTlzNhcQsnelFo2u3pgtc7DDEfDra2eFd6PENR_ysBcl1MWyADBZ_o7NnGdP2ZKElygrUEd7ekPoo11uslaXVOyXMRG5_KOSUitm5NY_6TfmPTc78QrhTnpYqxSAJArIVtj4zJooCScIvRgbODqFO5kX_wmrpA7WJEKnrmPPxw_A26uIM1kktSX_2sB0vshhqNpBo2Qwoc8tIFno53jlaDu5l380VCwgiQknJT9T99-MWS9c34qo1jfNloq-A5KNyXybd5w1I2KD84KXPyJMS7YgxlNksn2PHlxFqYszmNnD7iHFg97czokVJATBBiAdxS5klDT83mbM92OcXBZvqZ_o4i-wd7Kj6HW1A0l5rkAFyMz_zYHZUz1nklT7jNGtw5R_bBen_93xDO6NyENDBTP3wMEzdMTmB7YG-1bO77BLLPcuKdACLSptBzPC-wj2UGBGIw2tiBf0_1Sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbjbRaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoEsgJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrjF37r7NSYZsnJhbt57B0PE7kE2Rcns85DHVedE4pbIIu_OhZX5TfQAmABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11iSGEiHkuV2W4zLPslF2jPHNf-w%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5983e4e959353ad972f456b3a23f9b43b1b03a5530530df67caab1c7e190826c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:08 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=uLOSZGfWJwwNOkB6YeLcoHubLkDWl-JjniTkwsE2k1IDVlWMrgJ-r7Q9M1anNwn4hkMw2FXTD9__CX0SMLtF094BSt_0n8CDQ42A_R8HAX3gxZ1QBJ719YNPQpcvWWe9kEcsKcQBY93wJ8BeIf_6fhyOfBKWLR4mq9CUagvolwctzWLS2wsJsN4_fno_o8N0Yr3zUnuSqfV0_KJtiCF74J6iNzNHna1ZJQjTFyUhvTIMr-XnhWi7V-jXPb-SDc5XWK15fV9bJJ3iBcQZ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2814880
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CDE8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56687
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E42B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
65569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Wed, 16 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CDE8 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56687
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
l
www.google.com/ads/measurement/ Frame CDE8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbniVj09KjVvdypGMYwxEXRhuS4XY1YP0tydi87gXrgcp5g_Yy-RAjujd8xEYvaDTbIRDR0vz2j1QNAq78u2KCfeYMUA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CDE8 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 08:08:09 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 17 Nov 2022 08:08:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 204B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbaJEaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoEqQJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BL9Zgu3WUBdjvyMxb9K_U-cqdJpbDfHt1Lw-6RMA9ZSrjbA7bXQQGABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=EfqHiOREgbU&uach_m=[UACH]&cid=CAQSKQDq26N98vDewrh3DiCiwUyZTfvSp6_3xlnGEOH59hAtyQP0hNohnrCvGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Nov 2022 08:08:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 204B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k8z_FPz1BqwC-gFi-C0SAgAAACE5AQwCW-6IAHiIk2U3JEEQZ5p0Y2zrWQQ8pReOhbh-ABIAAA&wp=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
172585
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 9592 		48 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
aa391585461254bcdad0d85f6525155612c9496b67503ab5e3ffd1eada1e3799
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:09 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=c34pjmfWJwwNOkB6epXwuuGRiIkTEB-2Kro2DxrLOjTvcq-goa8GdYNjOAv8ZZjgF7pHtsAmuWv3xviMPFnGDl4jR21jFmtWwXAud0UtzdiK1X_eSIELNu5WnZ2S9TZuJOfNSaOABPStypvFIr27EDmTQz4XBKPv01M13HyhE3PJWuQM1C55Bv8H6CoWKcBown_ho7YEimjiZAhZBAY-fGMfMF64qNLapStxKvyLNaHFKjf5FG_OZRaia9h0NUPIDOZz--viPtmdxOq_"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
13733631
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 204B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56687
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2DC4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
65569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Wed, 16 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 204B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56687
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
l
www.google.com/ads/measurement/ Frame 204B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRA4hd1dStwUjz208rffnEdHmZNZZ8CD7aNX3TBhLwNW7WYG-PLVuyQULqtqNRCNcVv0fn6cC-vilq7BLKSZwntQ_hywg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 204B 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 08:08:09 GMT
pixel
cm.g.doubleclick.net/ Frame E42B
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGwKLhT2Z5EsSC0h__ixaP8&google_cver=1&google_push=ASkJ3FatWPW5nHPatjWNK8QPwYNPvvfL7xeuGZEip2cVkNTwJ2HonE7I8GhyuColnVHOeWt7YREBs8k81xu74FViHkmJaJkLWPE3Jy...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F8DDC3F656A478BB8086C577919FB8F&google_push=ASkJ3FatWPW5nHPatjWNK8QPwYNPvvfL7xeuGZEip2cVkNTwJ2HonE7I8GhyuColnVHOeWt7YREBs8k81xu74FV...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F8DDC3F656A478BB8086C577919FB8F&google_push=ASkJ3FatWPW5nHPatjWNK8QPwYNPvvfL7xeuGZEip2cVkNTwJ2HonE7I8GhyuColnVHOeWt7YREBs8k81xu74FViHkmJaJkLWPE3JyHgVa2Eu2ywmSbwqLAgtK1PJeJ1F6v4JvpgQpZ0l-DI3_3BHWRAsXI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8F8DDC3F656A478BB8086C577919FB8F&google_push=ASkJ3FatWPW5nHPatjWNK8QPwYNPvvfL7xeuGZEip2cVkNTwJ2HonE7I8GhyuColnVHOeWt7YREBs8k81xu74FViHkmJaJkLWPE3JyHgVa2Eu2ywmSbwqLAgtK1PJeJ1F6v4JvpgQpZ0l-DI3_3BHWRAsXI
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 15 Nov 2022 08:08:09 GMT
pixel
cm.g.doubleclick.net/ Frame E42B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPxWPToyWWxYyVrDStpbBHw&google_cver=1&google_push=ASkJ3FY4PGRi2H4-kgIp64Y4hL_KV35oVif_VuhbVuqa_0vSRj2Grx760BfaRxafl5ahrp7wAu_w--06i_h4X_4K4X...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPxWPToyWWxYyVrDStpbBHw&google_cver=1&google_push=ASkJ3FY4PGRi2H4-kgIp64Y4hL_KV35oVif_VuhbVuqa_0vSRj2Grx760BfaRxafl5ahrp7wAu_w--06i_h4X_4K4X...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTMwNWNiYjAtZWUwZS00NmZiLWIxYTMtZDg2Njg3NTQ4YzJl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTMwNWNiYjAtZWUwZS00NmZiLWIxYTMtZDg2Njg3NTQ4YzJl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YTMwNWNiYjAtZWUwZS00NmZiLWIxYTMtZDg2Njg3NTQ4YzJl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame E42B
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEMiKBRVNTCU3NGLQQO-LdvE&google_cver=1&google_push=ASkJ3FY_V26DBoSDaAsAh2KcrtE8EYYj8xgW3pBcuIsLN1A-S9YFl67pPaZjbpnEExuKdsFjEKm_-v_...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FY_V26DBoSDaAsAh2KcrtE8EYYj8xgW3pBcuIsLN1A-S9YFl67pPaZjbpnEExuKdsFjEKm_-v_YQsDhGyy3nOij9QZYoBpezTelooR4occqffnqCsyFvp1QuqgN...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FY_V26DBoSDaAsAh2KcrtE8EYYj8xgW3pBcuIsLN1A-S9YFl67pPaZjbpnEExuKdsFjEKm_-v_YQsDhGyy3nOij9QZYoBpezTelooR4occqffnqCsyFvp1QuqgNmMI5Dsdiz-R9yyuKoiT7CmYX2cM&google_hm=bwpH1LtKRB-S5Z4nxqStD8U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:08 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FY_V26DBoSDaAsAh2KcrtE8EYYj8xgW3pBcuIsLN1A-S9YFl67pPaZjbpnEExuKdsFjEKm_-v_YQsDhGyy3nOij9QZYoBpezTelooR4occqffnqCsyFvp1QuqgNmMI5Dsdiz-R9yyuKoiT7CmYX2cM&google_hm=bwpH1LtKRB-S5Z4nxqStD8U
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E42B
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEBNgTp8WiAto2-92WpnSj-c&google_cver=1&google_push=ASkJ3FZ6L7hmaMw9wJavbFRHVQCOUN64wC3khLtX8v7T96z__ygCuqKJLlMvOE8FQYymgT4MVZKaJM90xy...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FZ6L7hmaMw9wJavbFRHVQCOUN64wC3khLtX8v7T96z__ygCuqKJLlMvOE8FQYymgT4MVZKaJM90xyN-rUJ-85hIteI_CmESV_C4tSaZJRqaxCTU205BayS86DU15O...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FZ6L7hmaMw9wJavbFRHVQCOUN64wC3khLtX8v7T96z__ygCuqKJLlMvOE8FQYymgT4MVZKaJM90xyN-rUJ-85hIteI_CmESV_C4tSaZJRqaxCTU205BayS86DU15ODXGdZjNmrGZZEz_gHW3xjoPK0&google_hm=M2VXQUZSRWNvTktCT2tiUWh0U25kYWw3d0k0&from_google=pc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:09 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FZ6L7hmaMw9wJavbFRHVQCOUN64wC3khLtX8v7T96z__ygCuqKJLlMvOE8FQYymgT4MVZKaJM90xyN-rUJ-85hIteI_CmESV_C4tSaZJRqaxCTU205BayS86DU15ODXGdZjNmrGZZEz_gHW3xjoPK0&google_hm=M2VXQUZSRWNvTktCT2tiUWh0U25kYWw3d0k0&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame E42B
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEKIVvYAj6F-UzJZDmfdTa4g&google_cver=1&google_push=ASkJ3Fb6_crkuz4luByG7WtVQ9NJx13u5TF7fXJViD7qif5-uUEUR_TcP2fleT5T4Dxt8gZvyKMlCq_MuJGUYgI...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3Fb6_crkuz4luByG7WtVQ9NJx13u5TF7fXJViD7qif5-uUEUR_TcP2fleT5T4Dxt8gZvyKMlCq_MuJGUYgIdGKJnERdJKRWtTQgTJWMJb5200uqpZlu...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3Fb6_crkuz4luByG7WtVQ9NJx13u5TF7fXJViD7qif5-uUEUR_TcP2fleT5T4Dxt8gZvyKMlCq_MuJGUYgIdGKJnERdJKRWtTQgTJWMJb5200uqpZluAK4WjJvot2a-MX_CvTa_dVEBeIYcd4_cVi68&google_hm=MDZmODZlZDktNmRlNS0zOTI1LWJlNzYtYmM1OTZmOThjZjE1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3Fb6_crkuz4luByG7WtVQ9NJx13u5TF7fXJViD7qif5-uUEUR_TcP2fleT5T4Dxt8gZvyKMlCq_MuJGUYgIdGKJnERdJKRWtTQgTJWMJb5200uqpZluAK4WjJvot2a-MX_CvTa_dVEBeIYcd4_cVi68&google_hm=MDZmODZlZDktNmRlNS0zOTI1LWJlNzYtYmM1OTZmOThjZjE1
date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame E42B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENqLHSZDyZFf3H3Nx1_7Y9A&google_cver=1&google_push=ASkJ3FbrYLWTIa-w3...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc0ODc3NzMwNjAyNDg4ODI5NQ%3D%3D&google_gid=CAESENqLHSZDyZFf3H3Nx1_7Y9A&google_cver=1&google_push=ASkJ3FbrYLWTIa-w3YDyuhEP77_6_1azv2...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc0ODc3NzMwNjAyNDg4ODI5NQ%3D%3D&google_gid=CAESENqLHSZDyZFf3H3Nx1_7Y9A&google_cver=1&google_push=ASkJ3FbrYLWTIa-w3YDyuhEP77_6_1azv25496QG7UyM3b9pdnllH74zpNQ1kN3HUe5KUxPo206KuXSWxrKVi7Xkgbs-vXoCb5LTp1m-ewUsXaa7lh3fd1PipFU4D9VS9frxvtA9JXi1LlPqjB2EnS5AGRR4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:09 GMT
AN-X-Request-Uuid
c657c468-5cc5-40cc-95d5-d673ab93426b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njc0ODc3NzMwNjAyNDg4ODI5NQ%3D%3D&google_gid=CAESENqLHSZDyZFf3H3Nx1_7Y9A&google_cver=1&google_push=ASkJ3FbrYLWTIa-w3YDyuhEP77_6_1azv25496QG7UyM3b9pdnllH74zpNQ1kN3HUe5KUxPo206KuXSWxrKVi7Xkgbs-vXoCb5LTp1m-ewUsXaa7lh3fd1PipFU4D9VS9frxvtA9JXi1LlPqjB2EnS5AGRR4
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E42B
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEP8SyI5g9...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEP8...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=652bab48-9cce-4cc9-a1c8-5d71394c1333&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=652bab48-9cce-4cc9-a1c8-5d71394c1333&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=652bab48-9cce-4cc9-a1c8-5d71394c1333&%%GOOGLE_PUSH_PAIR%%
Date
Wed, 16 Nov 2022 08:08:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame E42B 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JxKfKNt7owa1GhZRh-8aS7Tm065_NREHbmsG_8dy7P6b5EyH4wQWfx-WxIDinu9lSkhNW9Q5IG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 2DC4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJxMdEQH7gXr_hpcix-zhMY&google_cver=1&google_push=ASkJ3FbKJN1sWAAjKJrzzy0rrCP2QwBHURHTxYlxco-KpFE30JjjqA-F07cCF9u186ul5LeFtY06_yEtqo_7-nX5...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbKJN1sWAAjKJrzzy0rrCP2QwBHURHTxYlxco-KpFE30JjjqA-F07cCF9u186ul5LeFtY06_yEtqo_7-nX5-GyiETF1PzlGMHMpOdPfTSEjsyF5w6...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbKJN1sWAAjKJrzzy0rrCP2QwBHURHTxYlxco-KpFE30JjjqA-F07cCF9u186ul5LeFtY06_yEtqo_7-nX5-GyiETF1PzlGMHMpOdPfTSEjsyF5w6Y9AOcTwTPd5qVxldG7sm83x8c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 16 Nov 2022 08:08:09 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x20 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbKJN1sWAAjKJrzzy0rrCP2QwBHURHTxYlxco-KpFE30JjjqA-F07cCF9u186ul5LeFtY06_yEtqo_7-nX5-GyiETF1PzlGMHMpOdPfTSEjsyF5w6Y9AOcTwTPd5qVxldG7sm83x8c
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 08:08:08 GMT
asr
aid.send.microad.jp/g/ Frame 2DC4 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEAYAqKsb4LL4qAyXb4dVe6o&google_cver=1&google_push=ASkJ3FY7ZuTX-Kx25nP1B86gBgPiRMkJZCWMr-y5UfqDS5KC832pyP4Q-BljyZ8ZQctrPiHYTmvqkWaSH6TZtWxT0_YXJPZHJ8PBL3Hj0bGPEbvrmLwQgnePTsTcwpireGMOIt6yhssO5TA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:09 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 2DC4
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEOD_zEz-n0c2CJElJtUxec8&c_param1=ASkJ3FY60IyCowEqF4uBWt0Jd-KrACTGPawBzim3iihf0pGekdGBPsrkdl4x6wYzT9zEtmJtZP9ZUsOj8WItzPfTF3zQIxZtzBFJ2UKzupdRX1pCkNt...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FY60IyCowEqF4uBWt0Jd-KrACTGPawBzim3iihf0pGekdGBPsrkdl4x6wYzT9zEtmJtZP9ZUsOj8WItzPfTF3zQIxZtzBFJ2UKzupdRX1pCkNtf7xQs2SKzxY19uINJi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FY60IyCowEqF4uBWt0Jd-KrACTGPawBzim3iihf0pGekdGBPsrkdl4x6wYzT9zEtmJtZP9ZUsOj8WItzPfTF3zQIxZtzBFJ2UKzupdRX1pCkNtf7xQs2SKzxY19uINJi_9avXYsoEY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FY60IyCowEqF4uBWt0Jd-KrACTGPawBzim3iihf0pGekdGBPsrkdl4x6wYzT9zEtmJtZP9ZUsOj8WItzPfTF3zQIxZtzBFJ2UKzupdRX1pCkNtf7xQs2SKzxY19uINJi_9avXYsoEY
date
Wed, 16 Nov 2022 08:08:09 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2DC4
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEP_m4EEY1k_TosGGhl_09ak&google_cver=1&google_push=ASkJ3FYHgSRmSUfo8AzavyA976sLs7xEI21t-7HgEdWVKnInN8adCyCLyRwzc-bLjl36PBfwxcGh8...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYHgSRmSUfo8AzavyA976sLs7xEI21t-7HgEdWVKnInN8adCyCLyRwzc-bLjl36PBfwxcGh8Xel6o6PuSDIwBme5_C4dLp51Vpk2LMhVIvIDDY0j0RWQW...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYHgSRmSUfo8AzavyA976sLs7xEI21t-7HgEdWVKnInN8adCyCLyRwzc-bLjl36PBfwxcGh8Xel6o6PuSDIwBme5_C4dLp51Vpk2LMhVIvIDDY0j0RWQW8NnmXLJ7OchmijLlFs39o&google_hm=WTNTYWFjQ281c0lBQUVwM0h6c0FBQUFB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
52
Date
Wed, 16 Nov 2022 08:08:09 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEP_m4EEY1k_TosGGhl_09ak&google_cver=1&google_push=ASkJ3FYHgSRmSUfo8AzavyA976sLs7xEI21t-7HgEdWVKnInN8adCyCLyRwzc-bLjl36PBfwxcGh8Xel6o6PuSDIwBme5_C4dLp51Vpk2LMhVIvIDDY0j0RWQW8NnmXLJ7OchmijLlFs39o","cluster_id":52,"gdpr":false,"ipv4":"116.90.74.197","key":"Y3SaacCo5sIAAEp3HzsAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad180"}
X-SO-Key
Y3SaacCo5sIAAEp3HzsAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad180
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ASkJ3FYHgSRmSUfo8AzavyA976sLs7xEI21t-7HgEdWVKnInN8adCyCLyRwzc-bLjl36PBfwxcGh8Xel6o6PuSDIwBme5_C4dLp51Vpk2LMhVIvIDDY0j0RWQW8NnmXLJ7OchmijLlFs39o&google_hm=WTNTYWFjQ281c0lBQUVwM0h6c0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad180.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
4
Content-Length
0
X-SO-LB-Hostname
a-tgng40004.dc2p.scaleout.jp
X-SO-IP
116.90.74.197
pixel
cm.g.doubleclick.net/ Frame 2DC4
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESED4sbjB6UK8Ys6cBMDADXh4&google_cver=1&google_push=ASkJ3FYTZGD3ntyYGvqbcsuRRSiXj4YJvTQMIiaqSVORakH3QrC-W-6IlCl7Z4Vw_uvGHlEAjTsxiPg-...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESED4sbjB6UK8Ys6cBMDADXh4%26google_cver%3D1%26google_push%3DASkJ3FYTZGD3ntyYGvqbcs...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A5900175048819371639&exchange=193&google_gid=CAESED4sbjB6UK8Ys6cBMDADXh4&google_cver=1&google_push=ASkJ3FYTZGD3ntyYGvqbcsuRRSiXj4YJvTQMIiaqSVORakH3QrC-...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU5MDAxNzUwNDg4MTkzNzE2Mzk&google_push=ASkJ3FYTZGD3ntyYGvqbcsuRRSiXj4YJvTQMIiaqSVORakH3QrC-W-6IlCl7Z4Vw_uvGHlEAjTsxiPg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU5MDAxNzUwNDg4MTkzNzE2Mzk&google_push=ASkJ3FYTZGD3ntyYGvqbcsuRRSiXj4YJvTQMIiaqSVORakH3QrC-W-6IlCl7Z4Vw_uvGHlEAjTsxiPg-ojrxWxh9qrR2qtEO3B2iJTV2Jw28H7L5QDzZdZ1DTwkJId0SOT_J2244YU-8O4Pm
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU5MDAxNzUwNDg4MTkzNzE2Mzk&google_push=ASkJ3FYTZGD3ntyYGvqbcsuRRSiXj4YJvTQMIiaqSVORakH3QrC-W-6IlCl7Z4Vw_uvGHlEAjTsxiPg-ojrxWxh9qrR2qtEO3B2iJTV2Jw28H7L5QDzZdZ1DTwkJId0SOT_J2244YU-8O4Pm
Date
Wed, 16 Nov 2022 08:08:10 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2DC4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKMC5CjvXKjHEA9YLKvJMjo&google_cver=1&google_push=ASkJ3FbC44IvR0yg0adDdoWH5MeDkXjnUmV6mbngFCV-G9b_epFq7MCWLnzBwKNMVVxOJFYDNx...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKMC5CjvXKjHEA9YLKvJMjo&google_cver=1&google_push=ASkJ3FbC44IvR0yg0adDdoWH5MeDkXjnUmV6mbngFCV-G9b_epFq7MCWLnzBwKNMVVxOJFYDNx...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IYmpHOUlWRTJ1RkVLbFpfWl9lMVRqbzBzQkVyQzRtT35B&google_push=ASkJ3FbC44IvR0yg0adDdoWH5MeDkXjnUmV6mbngFCV-G9b_epFq7MCWL...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IYmpHOUlWRTJ1RkVLbFpfWl9lMVRqbzBzQkVyQzRtT35B&google_push=ASkJ3FbC44IvR0yg0adDdoWH5MeDkXjnUmV6mbngFCV-G9b_epFq7MCWLnzBwKNMVVxOJFYDNxBZ2WwQQLMV8KWbKPdkLoZ_GRM2yjoLxpCqxeSmR1skgf4bjXPO8eWSliTFWXPHataLxHOi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IYmpHOUlWRTJ1RkVLbFpfWl9lMVRqbzBzQkVyQzRtT35B&google_push=ASkJ3FbC44IvR0yg0adDdoWH5MeDkXjnUmV6mbngFCV-G9b_epFq7MCWLnzBwKNMVVxOJFYDNxBZ2WwQQLMV8KWbKPdkLoZ_GRM2yjoLxpCqxeSmR1skgf4bjXPO8eWSliTFWXPHataLxHOi
date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 2DC4
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENS8MOzG9GTEJtHv4npEbaA&google_cver=1&google_push=ASkJ3Fb_e6cLlAgB9XtWh08ntuggeFOJZsKevMNF8ohZ4bFE5M9ViMgGQluU5hqp...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESENS8MOzG9GTEJtHv4npEbaA&google_cver=1&google_push=ASkJ3Fb_e6cLlAgB9XtWh08ntuggeFOJZsKevMNF8ohZ4bFE5M9ViMgGQluU5hqp...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ASkJ3Fb_e6cLlAgB9XtWh08ntuggeFOJZsKevMNF8ohZ4bFE5M9ViMgGQluU5hqpCtseH8eYnT_fyHT3EL2f5LJ7G_K_kknzKll0brKMQzcqNdcKKDhm2_kT6ghbHf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ASkJ3Fb_e6cLlAgB9XtWh08ntuggeFOJZsKevMNF8ohZ4bFE5M9ViMgGQluU5hqpCtseH8eYnT_fyHT3EL2f5LJ7G_K_kknzKll0brKMQzcqNdcKKDhm2_kT6ghbHftwytRV-4FZ80kw7LpJ&google_hm=M3NNakxYeXNzNmk=&suid-set=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:10 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=ASkJ3Fb_e6cLlAgB9XtWh08ntuggeFOJZsKevMNF8ohZ4bFE5M9ViMgGQluU5hqpCtseH8eYnT_fyHT3EL2f5LJ7G_K_kknzKll0brKMQzcqNdcKKDhm2_kT6ghbHftwytRV-4FZ80kw7LpJ&google_hm=M3NNakxYeXNzNmk=&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 2DC4 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kwa8vrmJ-LyUXt7-lr6zK2i4cBS5XeilnBhok5KHFWr5he0BX-5zsGfTl2Ghr_yHQgfX3zJAOs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086898&bpp=13&bdt=1268&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=1&ga_vid=1073885939.1668586088&ga_sid=1668586088&ga_hid=1140736577&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C44774649%2C42531705%2C44774653&oid=2&pvsid=3790493250117055&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.17ayy7jn3lqg&fsb=1&dtd=786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 17 Nov 2022 08:08:09 GMT
truncated
/ Frame CDE8 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8197cd7d02ab903d1eed22c6c828632425232993698b71d785d2bb0136c9a3c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 204B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
294710229b135e49d64c6367e5f6e2f9a9b3987f9333cc89310e6574d5cd65ba

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 2ED3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeKbsZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoErgJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iR7j-N8MszEWPtvCLitvtXyXV6bZlB3OBxG9g8aNkqcV2RfFRonBeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=sF7-G2wdjbA&uach_m=[UACH]&cid=CAQSOwDq26N9e7kwnrDjKao8ReaTr7qS-UbSxWSzp_sF-8DIHUkqmbbM_BEgaNp8cYnCPXMcvpr4X24f69p_GAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 2ED3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMz_FPz1BqwC-gFi-C0SAgAAAPjjWbRbbk3DEGeadGOHgdVWJCsxX7Jd2gASAAA&wp=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
189545
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 8E7E 		48 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
725b46f7e731a74485fb7e18032afe30b4abd1b488558f5bff3195c02af351bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:08 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=SjBE9WfWJwwNOkB6FQRlUglBGVSGz2Ly4WMik9GaSVSyUBF2dv1Lcv74uz24uGIJfw3iswwtJ0HpXvTzlaSFok2Xctovnaxwu934zdaaisgHhpXIpwErcakxoPpIp9FhmRLyFix6i59-ZRbIu56whxR2PviFCWlqrYA1WtTknEmbVZPEmi4fo6ol5W9q6j4wvy7EGzxyoN4UIkNDCYUsr5sUcECy_S5UnQmC7122p0JRj1rgVsmGy737edbLL8imzc8-nQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4010433
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2ED3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56688
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 33F5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
65570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Wed, 16 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2ED3 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56688
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
l
www.google.com/ads/measurement/ Frame 2ED3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSd_bewtbjqoG37RJLRSF2SqnOfTmI9BbW9X2TkbMGPSe8YAv7_ElndazXIGFNJqfOQYa4th7mQwJqKKiMRuYsaAvL07A
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2ED3 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:35:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
27184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 00:35:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2ED3 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 08:08:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F345 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFRsxZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoErgJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6tPlawawykr6Gtud9OmuTs56EBc2MbHFql5oN1bR7y4twHH6aILz-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=9x0guYyRAzE&uach_m=[UACH]&cid=CAQSOwDq26N9e7kwnrDjKao8ReaTr7qS-UbSxWSzp_sF-8DIHUkqmbbM_BEgaNp8cYnCPXMcvpr4X24f69p_GAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame F345 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMz_FPn1BnjYBGL4LRICAAAA-ONZtFtuTcMQZ5p0YwuxY3Ed9HdwiDYSABIAAA&wp=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
258345
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame DA9D 		50 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
98e0152a25b85e801108d94fdf52c914cd62d09629e3dfc1a1f19c8cf60ac109
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:08 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=Z3mAUWfWJwwNOkB6qKkvfqopOHvTVcRvFQ4Tl2uoWXPu4IC8g8BnJqea2mnuyZ-36obVA80zscUrnkwt2C8dKFbcDOpTu-NilldDGr2rsZDZfTOL4e3uGFhUYfo2TVpkLiQalaFhrV0c6S2yV_ODcKzYpGmxPsvZVPbCiL4Gja7I4MpSfZCUcfDMwSgKa0jTDFjBNrOVNnKcE0cEYCNlinKklyLR4WZPF8tye4e_V8UfYAa0JUnvLitMIr_qhvSG7b_kTxJdJK7skR4L"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3668665
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F345 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56688
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A556 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
65570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 13:55:19 GMT
etag
48472445140208031
expires
Wed, 16 Nov 2022 13:55:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F345 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56688
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 16:23:21 GMT
l
www.google.com/ads/measurement/ Frame F345 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaStpnpMOVhH_u8zBxJUs19gNkkp-8hMJWS_pLsvFg8tHyvJWOkK7FHI_qjsDTvp5atMc09vp6t-xQu6mCz5vjEsyHgt1A
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F345 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:35:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
27184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 00:35:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F345 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 08:08:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 769E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111001&jk=1321784938764589&bg=!WVqlWh7NAAbvMpMzzzI7ACkAdvg8Wpca35LIOk87VgpN2mKHYRC36U_SLLm0nazd-FCsftphLa0ytgIAAACGUgAAAARoAQeZAsQWDDAtMVAbgAFP-ixJWrimdAHAfGCHjueg4vljHLFJfcJGAtPBmleE_eh-LnDKGNgf8HI80Tou3Dy3Wy8MT_w3BcHVvvGHzuIX2v_oNVC-UvS7LxPAnlKE5r9KuY2W1IBY3joi8R81qQsgaGfxN3KmXSkOKW6NzPnthYCvph8HtoLLni8HnwJrlqieK2miCxtEMUDBuVVqMBxyr7XY9xsbw1nwnsaQaC3SB113dNeNx6_NH7QsGve52k2KZQbY5Zyhcxb1i56wYYNrPVxbp7HrEAP2_XyQO-Gi87AgnPHpvcfbUAks_6GDixIOwGnnSc43yaGEKZooqlkoiLXNll0HXLxlz9gxydzIAHu-i7_LoI48h07vgBNDgtz1PFqW5PDvH319lM1ZItutmXCGz9lf-AF40MmsjgMwI1HqzEagCjy4R1PGPc1WaO-ObRsLVY0NrKZ2fIpzrzaLvVeNPFBvReGqIFkJMcjL_IXNqC9SoyIBEvJlrtY1qkMClrB-4ZInsKiLQsZLr0OmKnGWDQ0ee_I3vlil70AiVoPfp-bW-coZV_srWe9GEFeYK_mKhoRDiOLOXWYQFM8uyYIb4UCTilSEPuBF5ZqpqCLUYqh4-_yoHevMmeXDZEQTf5IHliWmoPrpmWErHzi7urQdIPEgPsz5E3wuXjcdUYJ4grO0_UNRCIbc91MHdn1xCo6gfnHr-zz3yVQ2adSxCoOD6gL-qcbunn9nYM7fbe1rx-MLIw-ZwbrcYDwb1yJAfuSqbHXCxvIlIZdVMeoY-Bne5IbFkaoAHWPggFt_9iYu_jvomTQL6XTWxgJ_kO9kEWghaBftiyJ6Lmon6JVxyGB7d9kbx3_LKxYtdUz9fMAv21S_SzzwrZIWEYzrWz3JVLp3dxKQ0IXRPZRoEP3W_bjXlEs68P7oXpOY-JuBLcyicVTqkHYf3Uc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E506 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111001&jk=427432321430001&bg=!7-yl7KjNAAbvMpMzzzI7ACkAdvg8Wioic7Rkbh2xMRdk3XqT8xtsdeSetLENxpigjY3iMQnZb5aaPgIAAAB8UgAAAAJoAQcKAJPRqwPWJx_3ADkhQnOHtI0ZjQw0DmObZoi50jKrZlH5ZgQlZ7-L4gL38M5-MxbMEPQ8K7NxMBi0CNPgf4RbV0VGiPGuOvmdGA93HR7PDJ0iquxhU6l6y8J1kmmP2g3cF4mb2QaXEgCKkMY4TNe4o-AsErjCpbYTimEUHPPteGT8b1bw5VwfTPbHiH6fhKP1R9HtDJKZArpikwhsgpOVPgrhBGuXe6FhOjLNTraQi8NpG6xqTNMkwaymVhxBKpXe4qpyOneH1Ia8LvnJ5dsCwWtwOvEXj0hYRtxFKs7-1b2ibnZnM6qFxAGXztoYMdO5I-qEB-IzU6f7va0d3ryWOM_5Dw-2xPZPJlJm15IssreHNeAJ7ER-kd7q496kzauI8OFBA8fjuZrla_XfCj1ihCZyMC-c0qoIn0HwV6qoNPmOEfC2xKrWHpL2bFiQts2UoUiPhQg9vgOgNCHZeawRtPrgsVRCYKvAxwl1_q3u6AvxEFpPnCQKlwTIzNvh_W5kSxzYYoC3ZUSP6yPRqzXy4fvG7ZPbTFQ52Wplb0Vcy5GDEmDgsyZ7he_MnerURGFh_6sZ9qUxY2Euj3UKMV16cK86wc-Myhnykw-gFsnj7ST4aQBz2Y8Xc6YbJAVMbauUowFSlKtjiCDFUhEhxYTfMWb1PkhM3jah3AB-a6eDTxPH6cwNuWcXASNiqaJyt3jVsMw5nSjPoEdZitL6HazuWaHEVqtqbEtE4QBHRf3W4y2Wnwy4BF-VnkPAaOLci8lixIbW8pSafq9LAsWkBuTVeqaP6n587celMtSxhpF7cB6sp_3BkWF4vjZkZiAmO0ecXH5rVkoiBojR8IW0YHahjmUE059YYOmUWeucGojOJJrERRZ0lDS93715u0gPGbPBQw9TgNeNafB6XQZ1yUEcuCi3n7samXmuVPa9mmoM_NkuAQJ2YZmqwjPqB-GSQKFTNsRtgoRrsMs3LK8TxUar1klC-YDJagI92pPbiwJz_V_E9qK1dPPkx8W6G-AQvNgOTSB1_7ya4TgrYMVy9KGrYwDFH7Qf00e8RyScrdd-nk7pvuDn50RklKWc7Tgn2OnMB30pvVlwawJ6WPjcdFiyWYcEcLktSitHXnWkQnYBvIbhMw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 33F5
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEOO-_qyifxbXd6clGJhhbHw&google_cver=1&google_push=ASkJ3FZtSH4o9GTjYTvVe0E9kFTr1NAoIbe8xXFu8RF7u8q7YTgvyqJM9DN59IfMHOv-WcxwSEmkRtN...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FZtSH4o9GTjYTvVe0E9kFTr1NAoIbe8xXFu8RF7u8q7YTgvyqJM9DN59IfMHOv-WcxwSEmkRtNJobmyx8eMJ18wodN8BH-sWyMqPPsgVyZxbK8ggyfSUBCwG_XW...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FZtSH4o9GTjYTvVe0E9kFTr1NAoIbe8xXFu8RF7u8q7YTgvyqJM9DN59IfMHOv-WcxwSEmkRtNJobmyx8eMJ18wodN8BH-sWyMqPPsgVyZxbK8ggyfSUBCwG_XWBpWOvzqU0psPbYxQrEZ1Rzqn6QQ&google_hm=Nz90972ZQgWJ_SPTGpFWM8U
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:08 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3FZtSH4o9GTjYTvVe0E9kFTr1NAoIbe8xXFu8RF7u8q7YTgvyqJM9DN59IfMHOv-WcxwSEmkRtNJobmyx8eMJ18wodN8BH-sWyMqPPsgVyZxbK8ggyfSUBCwG_XWBpWOvzqU0psPbYxQrEZ1Rzqn6QQ&google_hm=Nz90972ZQgWJ_SPTGpFWM8U
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 33F5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YoPy0MmCTh-EM7-KbOkwJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YoPy0MmCTh-EM7-KbOkwJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaSOOItnFP-gS59WPGtXltJ-WmUh_LmB8H94GqRsJfXkFmaX_FO2zmemp0i7tsdnX1tkFew86zbhr1RqhRXA9pkdYyxI-3t_9olesiOAt1aM3GRL8hXW9B3FuY3fndAvAb9uK1g9NUMU-3rJBD8Zw
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YoPy0MmCTh-EM7-KbOkwJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaSOOItnFP-gS59WPGtXltJ-WmUh_LmB8H94GqRsJfXkFmaX_FO2zmemp0i7tsdnX1tkFew86zbhr1RqhRXA9pkdYyxI-3t_9olesiOAt1aM3GRL8hXW9B3FuY3fndAvAb9uK1g9NUMU-3rJBD8Zw
date
Wed, 16 Nov 2022 08:08:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 33F5
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEFJU4zzo2Eir7bWEVcIU3Jk&google_cver=1&google_push=ASkJ3FYGGJNs-DA0dtc4smqgfBwdXjCFVS8ppra-J3AX_vC5S7u7QLxhtZ0ysIf2Q-dsKxqAKDPSx0JzDywVRVqzaD...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE3MDc0NDI3NTc2NjAyNDU5NzA&google_push=ASkJ3FYGGJNs-DA0dtc4smqgfBwdXjCFVS8ppra-J3AX_vC5S7u7QLxhtZ0ysIf2Q-dsKxqAKDPSx0JzDywVRVqzaD1x...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE3MDc0NDI3NTc2NjAyNDU5NzA&google_push=ASkJ3FYGGJNs-DA0dtc4smqgfBwdXjCFVS8ppra-J3AX_vC5S7u7QLxhtZ0ysIf2Q-dsKxqAKDPSx0JzDywVRVqzaD1xqFfwUQ65bXeFJSnjVwm1YK1xOfXRpAo-64JG7_e4DfQdGdV6XJA97AG6gBn_4hc
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE3MDc0NDI3NTc2NjAyNDU5NzA&google_push=ASkJ3FYGGJNs-DA0dtc4smqgfBwdXjCFVS8ppra-J3AX_vC5S7u7QLxhtZ0ysIf2Q-dsKxqAKDPSx0JzDywVRVqzaD1xqFfwUQ65bXeFJSnjVwm1YK1xOfXRpAo-64JG7_e4DfQdGdV6XJA97AG6gBn_4hc
Date
Wed, 16 Nov 2022 08:08:10 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 33F5
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESENh2dbQ8Qhg0dpK-t1Wgy4Y&google_cver=1&google_push=ASkJ3FZ4PGlYmQb9GEMNcyMStnrlekv76ZJfuke_AO0lnRX-SDzAD0iZWFE67uGT2gLHa8Z2S5bwDU2IK0PoD8tu49c5...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FZ4PGlYmQb9GEMNcyMStnrlekv76ZJfuke_AO0lnRX-SDzAD0iZWFE67uGT2gLHa8Z2S5bwDU2IK0PoD8tu49c5uKMJq5ZHYIujBUMKAeXty1kV96sSTr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FZ4PGlYmQb9GEMNcyMStnrlekv76ZJfuke_AO0lnRX-SDzAD0iZWFE67uGT2gLHa8Z2S5bwDU2IK0PoD8tu49c5uKMJq5ZHYIujBUMKAeXty1kV96sSTrAvUV373MbcM0LUP8c0j1ZfF9W3aoMzv0g
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ASkJ3FZ4PGlYmQb9GEMNcyMStnrlekv76ZJfuke_AO0lnRX-SDzAD0iZWFE67uGT2gLHa8Z2S5bwDU2IK0PoD8tu49c5uKMJq5ZHYIujBUMKAeXty1kV96sSTrAvUV373MbcM0LUP8c0j1ZfF9W3aoMzv0g
date
Wed, 16 Nov 2022 08:08:10 GMT
server
nginx
pixel
cm.g.doubleclick.net/ Frame 33F5
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESENa5MHn_lyreSgcXOsRSxbg&google_cver=1&google_push=ASkJ3FZ6wHYOjY5mxxejtRLLpbG-6rOCW7XFJA3PXsEwPZo-tFipQaLiU...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3FZ6wHYOjY5mxxejtRLLpbG-6rOCW7XFJA3PXsEwPZo-tFipQaLiUO9TU_gS5WtH57VBzVKI_x5CleuK-ipnIJbQRHZQUlDwp0SO2yN4W-bBkBSHd6mqEQ2gpEFRb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3FZ6wHYOjY5mxxejtRLLpbG-6rOCW7XFJA3PXsEwPZo-tFipQaLiUO9TU_gS5WtH57VBzVKI_x5CleuK-ipnIJbQRHZQUlDwp0SO2yN4W-bBkBSHd6mqEQ2gpEFRbAxt3Hy7VMUdh3OfW_l7ulHKeNyx&google_hm=QlMuMWYzMy00N2JhLTRmODQtYWQwZg==
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ASkJ3FZ6wHYOjY5mxxejtRLLpbG-6rOCW7XFJA3PXsEwPZo-tFipQaLiUO9TU_gS5WtH57VBzVKI_x5CleuK-ipnIJbQRHZQUlDwp0SO2yN4W-bBkBSHd6mqEQ2gpEFRbAxt3Hy7VMUdh3OfW_l7ulHKeNyx&google_hm=QlMuMWYzMy00N2JhLTRmODQtYWQwZg==
Date
Wed, 16 Nov 2022 08:08:10 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
sspsync
cksync.yahoo.co.jp/ Frame 33F5 		35 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEA-AhF_hY2G07vpK8thQJno&google_cver=1&google_push=ASkJ3FYGGw8sGXg3mtqJ0cgCiVRFnqpUaY_Rl52U0KKLuj6fZIj55R7pjblbFYnu6DMgAXpzqTph5B5kFJpQBoYXsGF-SRr9Q58dt9M6hcCZOMZEyAq3tWDXZ7h4s6OREYvp39LdIeecgLyWdKl0x1j8R-k
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.249.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
ATS /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 33F5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEMXkQ-V5b5v44cl2bNhiJ8s&google_cver=1&google_push=ASkJ3FYhSHM6nhfgrerR486tMljK3CVgWwmeNaUTZP5pWBD_jGQT9nfkd8E89JivlYmQ_s1tGSQOR...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEMXkQ-V5b5v44cl2bNhiJ8s&google_push=ASkJ3FYhSHM6nhfgrerR486tMljK3CVgWwmeNaUTZP5pWBD_jGQT9nfkd8E89JivlYmQ_s1tGSQOR...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FYhSHM6nhfgrerR486tMljK3CVgWwmeNaUTZP5pWBD_jGQT9nfkd8E89JivlYmQ_s1tGSQORGCNV0We8netbSgOlk8i_pxy8S3UbrFaFVM4CTH_65FncnUHL2W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FYhSHM6nhfgrerR486tMljK3CVgWwmeNaUTZP5pWBD_jGQT9nfkd8E89JivlYmQ_s1tGSQORGCNV0We8netbSgOlk8i_pxy8S3UbrFaFVM4CTH_65FncnUHL2Wyl7irRD1ltQCzFSWS5bDbk7OsdeYA&google_hm=Mzd1ZldqeklJVGRNWWRHOTEtZ00=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:10 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FYhSHM6nhfgrerR486tMljK3CVgWwmeNaUTZP5pWBD_jGQT9nfkd8E89JivlYmQ_s1tGSQORGCNV0We8netbSgOlk8i_pxy8S3UbrFaFVM4CTH_65FncnUHL2Wyl7irRD1ltQCzFSWS5bDbk7OsdeYA&google_hm=Mzd1ZldqeklJVGRNWWRHOTEtZ00=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
296
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 33F5 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMb25Ekw49WokBhkz3LzO11mbGBg997i2CGL_WWaS7d3BdI0_w3O_KxUw_AV_V-2qTBDamCSLr
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 2ED3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9dcdf4f0cf903fd3e6e52fe353a5e069983621048f82ce4b3f45b695651e33e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame A556
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO6pV14UwX--V0Gx9jue6tU&google_cver=1&google_push=ASkJ3FYZKgWF42ewJnndQAFS0zk0JQnRTnn4G_PWp483AdTQ1IwxsLsnH9LxaIHP2z2yglzZot4RqF7M6OLc6eHX...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYZKgWF42ewJnndQAFS0zk0JQnRTnn4G_PWp483AdTQ1IwxsLsnH9LxaIHP2z2yglzZot4RqF7M6OLc6eHXol8K0u4sfm1u
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYZKgWF42ewJnndQAFS0zk0JQnRTnn4G_PWp483AdTQ1IwxsLsnH9LxaIHP2z2yglzZot4RqF7M6OLc6eHXol8K0u4sfm1u
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 16 Nov 2022 08:08:09 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x24 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYZKgWF42ewJnndQAFS0zk0JQnRTnn4G_PWp483AdTQ1IwxsLsnH9LxaIHP2z2yglzZot4RqF7M6OLc6eHXol8K0u4sfm1u
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 08:08:08 GMT
pixel
cm.g.doubleclick.net/ Frame A556
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEDqKeHVpU-ssVsmmm7oHdpQ&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzAwNmNlY2EtMjc2MS00ZGNkLTljY2UtY2NiOTMwY2UyYjI1&google_gid=CAESEDqKeHVpU-ssVsmmm7oHdpQ&google_cver=1&google_push=ASkJ3FZ4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzAwNmNlY2EtMjc2MS00ZGNkLTljY2UtY2NiOTMwY2UyYjI1&google_gid=CAESEDqKeHVpU-ssVsmmm7oHdpQ&google_cver=1&google_push=ASkJ3FZ4C2x-bxlbrGinaAqPWkYdTxC1OzMtOzBKSqrU_wKH_97ijnYVWNC6Phn2sJDJWRd9XLTOVFLyjhbvP28pI__O1pGDiQbo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YzAwNmNlY2EtMjc2MS00ZGNkLTljY2UtY2NiOTMwY2UyYjI1&google_gid=CAESEDqKeHVpU-ssVsmmm7oHdpQ&google_cver=1&google_push=ASkJ3FZ4C2x-bxlbrGinaAqPWkYdTxC1OzMtOzBKSqrU_wKH_97ijnYVWNC6Phn2sJDJWRd9XLTOVFLyjhbvP28pI__O1pGDiQbo
date
Wed, 16 Nov 2022 08:08:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A556
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEBjBHu7F8mWNyXCRS6IJyn8&google_cver=1&google_push=ASkJ3FZ3b5PDWOcsI6DSVRCeMcx7xQEySKyi1OMk6sR9ay6zDseApR2NrawkQOdUzwTUjez4rqdJlEns9USdxqvQES5AgoF2zD5x
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WTRtbnRIWm1DbHlpMXRWUVpacDBZdw%3D%3D&google_push=ASkJ3FZ3b5PDWOcsI6DSVRCeMcx7xQEySKyi1OMk6sR9ay6zDseApR2NrawkQOdUzwTUjez4rqdJlEns9USdx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WTRtbnRIWm1DbHlpMXRWUVpacDBZdw%3D%3D&google_push=ASkJ3FZ3b5PDWOcsI6DSVRCeMcx7xQEySKyi1OMk6sR9ay6zDseApR2NrawkQOdUzwTUjez4rqdJlEns9USdxqvQES5AgoF2zD5x
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WTRtbnRIWm1DbHlpMXRWUVpacDBZdw%3D%3D&google_push=ASkJ3FZ3b5PDWOcsI6DSVRCeMcx7xQEySKyi1OMk6sR9ay6zDseApR2NrawkQOdUzwTUjez4rqdJlEns9USdxqvQES5AgoF2zD5x
date
Wed, 16 Nov 2022 08:08:10 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame A556
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEMXYY-wXEkHtCofMIIMseVE&c_param1=ASkJ3FbWQv4QHSZRVngQwqjEEDLyEXLiR8Sj5c3rcNquhIfFtGC1K0V7Cnx8eqTMqQLKms4MKjXDeo4xWBKpDHoj5ebWuyBx4uaS&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FbWQv4QHSZRVngQwqjEEDLyEXLiR8Sj5c3rcNquhIfFtGC1K0V7Cnx8eqTMqQLKms4MKjXDeo4xWBKpDHoj5ebWuyBx4uaS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FbWQv4QHSZRVngQwqjEEDLyEXLiR8Sj5c3rcNquhIfFtGC1K0V7Cnx8eqTMqQLKms4MKjXDeo4xWBKpDHoj5ebWuyBx4uaS
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ASkJ3FbWQv4QHSZRVngQwqjEEDLyEXLiR8Sj5c3rcNquhIfFtGC1K0V7Cnx8eqTMqQLKms4MKjXDeo4xWBKpDHoj5ebWuyBx4uaS
date
Wed, 16 Nov 2022 08:08:09 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame A556
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEAvAHbMqfpRUnDtEZYEDDAA&google_cver=1&google_push=ASkJ3Fata5qOoMD1CSr-SQnPzTJzvMuem0nRWYQ9c0CoKIkL7WLNgB5S7TwLkShKkABXwEwo7yQ6vBKMh_-lUtumA...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3Fata5qOoMD1CSr-SQnPzTJzvMuem0nRWYQ9c0CoKIkL7WLNgB5S7TwLkShKkABXwEwo7yQ6vBKMh_-lUtumAU_cbKplwAjj&google_hm=Ad9b43vjyUYaiQkG9Xe_NwM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3Fata5qOoMD1CSr-SQnPzTJzvMuem0nRWYQ9c0CoKIkL7WLNgB5S7TwLkShKkABXwEwo7yQ6vBKMh_-lUtumAU_cbKplwAjj&google_hm=Ad9b43vjyUYaiQkG9Xe_NwM
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=ASkJ3Fata5qOoMD1CSr-SQnPzTJzvMuem0nRWYQ9c0CoKIkL7WLNgB5S7TwLkShKkABXwEwo7yQ6vBKMh_-lUtumAU_cbKplwAjj&google_hm=Ad9b43vjyUYaiQkG9Xe_NwM
Date
Wed, 16 Nov 2022 08:08:10 GMT
Server
Apache
Connection
keep-alive
Content-Length
231
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame A556
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAZjbvvBRFcq_VWS6j3O5To&google_cver=1&google_push=ASkJ3FYfRKG40YAhmhULN5VeLoJ0vvuANMIoOQt2KFvLgz0irdhMB7AZk09FQ6FAISjThRjQBAwk0iDdBjZJSMrkoXLLP9qCAF7c
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FYfRKG40YAhmhULN5VeLoJ0vvuANMIoOQt2KFvLgz0irdhMB7AZk09FQ6FAISjThRjQBAwk0iDdBjZJSMrkoXLLP9qCAF7...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODUwODYyNDQ0MzA4MDAxNjk2OTM4&google_push=ASkJ3FYfRKG40YAhmhULN5VeLoJ0vvuANMIoOQt2KFvLgz0irdhMB7AZk09FQ6FA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODUwODYyNDQ0MzA4MDAxNjk2OTM4&google_push=ASkJ3FYfRKG40YAhmhULN5VeLoJ0vvuANMIoOQt2KFvLgz0irdhMB7AZk09FQ6FAISjThRjQBAwk0iDdBjZJSMrkoXLLP9qCAF7c
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODUwODYyNDQ0MzA4MDAxNjk2OTM4&google_push=ASkJ3FYfRKG40YAhmhULN5VeLoJ0vvuANMIoOQt2KFvLgz0irdhMB7AZk09FQ6FAISjThRjQBAwk0iDdBjZJSMrkoXLLP9qCAF7c
date
Wed, 16 Nov 2022 08:08:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame A556
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEAeWBf8ZQdIcIZjLpxuf8mY&google_cver=1&google_push=ASkJ3FY2tS7pH7HgJmk7rbusfEI8UMNuvf9VhirgvbHo4B9uyFTkNALJ3pECjxSC9kbEi8vVPrNyeB_VBuDDOHzXuEgGgZyMJzM
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FY2tS7pH7HgJmk7rbusfEI8UMNuvf9VhirgvbHo4B9uyFTkNALJ3pECjxSC9kbEi8vVPrNyeB_VBuDDOHzXuEgGgZyMJzM&google_hm=55d43ac19e59705a2c42...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FY2tS7pH7HgJmk7rbusfEI8UMNuvf9VhirgvbHo4B9uyFTkNALJ3pECjxSC9kbEi8vVPrNyeB_VBuDDOHzXuEgGgZyMJzM&google_hm=55d43ac19e59705a2c42d7f0ba432ac8
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ASkJ3FY2tS7pH7HgJmk7rbusfEI8UMNuvf9VhirgvbHo4B9uyFTkNALJ3pECjxSC9kbEi8vVPrNyeB_VBuDDOHzXuEgGgZyMJzM&google_hm=55d43ac19e59705a2c42d7f0ba432ac8
date
Wed, 16 Nov 2022 08:08:10 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame A556 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGwindhYI-tZKoIT1lOiA6PfC7bFV6kj5VENuW36WBzK7HdmjwQnRYTs2IPlFT6NbPiKXA
Requested by
Host: 8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
URL: https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame F345 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0622b24ae21b906c69f5d790740693e1cc4431f7208a8087625894401bb4a4f7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 77E2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw&u=%7CblmW%2B78xYvO24PU1HIGV1U7CxfbgFPl3LU%2F4HOoIbxE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ6rMIWIpO3VPTJB-7wGvYWpdkgDChUYiXiEFK6UyuzkIpIwcpt8LJlclC9iAi5V4hYqRLeTnPUkgCaxtd-mTlzNhcQsnelFo2u3pgtc7DDEfDra2eFd6PENR_ysBcl1MWyADBZ_o7NnGdP2ZKElygrUEd7ekPoo11uslaXVOyXMRG5_KOSUitm5NY_6TfmPTc78QrhTnpYqxSAJArIVtj4zJooCScIvRgbODqFO5kX_wmrpA7WJEKnrmPPxw_A26uIM1kktSX_2sB0vshhqNpBo2Qwoc8tIFno53jlaDu5l380VCwgiQknJT9T99-MWS9c34qo1jfNloq-A5KNyXybd5w1I2KD84KXPyJMS7YgxlNksn2PHlxFqYszmNnD7iHFg97czokVJATBBiAdxS5klDT83mbM92OcXBZvqZ_o4i-wd7Kj6HW1A0l5rkAFyMz_zYHZUz1nklT7jNGtw5R_bBen_93xDO6NyENDBTP3wMEzdMTmB7YG-1bO77BLLPcuKdACLSptBzPC-wj2UGBGIw2tiBf0_1Sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbjbRaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoEsgJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrjF37r7NSYZsnJhbt57B0PE7kE2Rcns85DHVedE4pbIIu_OhZX5TfQAmABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11iSGEiHkuV2W4zLPslF2jPHNf-w%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:09 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 77E2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw&u=%7CblmW%2B78xYvO24PU1HIGV1U7CxfbgFPl3LU%2F4HOoIbxE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ6rMIWIpO3VPTJB-7wGvYWpdkgDChUYiXiEFK6UyuzkIpIwcpt8LJlclC9iAi5V4hYqRLeTnPUkgCaxtd-mTlzNhcQsnelFo2u3pgtc7DDEfDra2eFd6PENR_ysBcl1MWyADBZ_o7NnGdP2ZKElygrUEd7ekPoo11uslaXVOyXMRG5_KOSUitm5NY_6TfmPTc78QrhTnpYqxSAJArIVtj4zJooCScIvRgbODqFO5kX_wmrpA7WJEKnrmPPxw_A26uIM1kktSX_2sB0vshhqNpBo2Qwoc8tIFno53jlaDu5l380VCwgiQknJT9T99-MWS9c34qo1jfNloq-A5KNyXybd5w1I2KD84KXPyJMS7YgxlNksn2PHlxFqYszmNnD7iHFg97czokVJATBBiAdxS5klDT83mbM92OcXBZvqZ_o4i-wd7Kj6HW1A0l5rkAFyMz_zYHZUz1nklT7jNGtw5R_bBen_93xDO6NyENDBTP3wMEzdMTmB7YG-1bO77BLLPcuKdACLSptBzPC-wj2UGBGIw2tiBf0_1Sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbjbRaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoEsgJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrjF37r7NSYZsnJhbt57B0PE7kE2Rcns85DHVedE4pbIIu_OhZX5TfQAmABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11iSGEiHkuV2W4zLPslF2jPHNf-w%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:09 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 77E2 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw&u=%7CblmW%2B78xYvO24PU1HIGV1U7CxfbgFPl3LU%2F4HOoIbxE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ6rMIWIpO3VPTJB-7wGvYWpdkgDChUYiXiEFK6UyuzkIpIwcpt8LJlclC9iAi5V4hYqRLeTnPUkgCaxtd-mTlzNhcQsnelFo2u3pgtc7DDEfDra2eFd6PENR_ysBcl1MWyADBZ_o7NnGdP2ZKElygrUEd7ekPoo11uslaXVOyXMRG5_KOSUitm5NY_6TfmPTc78QrhTnpYqxSAJArIVtj4zJooCScIvRgbODqFO5kX_wmrpA7WJEKnrmPPxw_A26uIM1kktSX_2sB0vshhqNpBo2Qwoc8tIFno53jlaDu5l380VCwgiQknJT9T99-MWS9c34qo1jfNloq-A5KNyXybd5w1I2KD84KXPyJMS7YgxlNksn2PHlxFqYszmNnD7iHFg97czokVJATBBiAdxS5klDT83mbM92OcXBZvqZ_o4i-wd7Kj6HW1A0l5rkAFyMz_zYHZUz1nklT7jNGtw5R_bBen_93xDO6NyENDBTP3wMEzdMTmB7YG-1bO77BLLPcuKdACLSptBzPC-wj2UGBGIw2tiBf0_1Sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbjbRaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoEsgJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrjF37r7NSYZsnJhbt57B0PE7kE2Rcns85DHVedE4pbIIu_OhZX5TfQAmABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11iSGEiHkuV2W4zLPslF2jPHNf-w%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 11 Nov 2023 08:08:09 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 77E2 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw&u=%7CblmW%2B78xYvO24PU1HIGV1U7CxfbgFPl3LU%2F4HOoIbxE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ6rMIWIpO3VPTJB-7wGvYWpdkgDChUYiXiEFK6UyuzkIpIwcpt8LJlclC9iAi5V4hYqRLeTnPUkgCaxtd-mTlzNhcQsnelFo2u3pgtc7DDEfDra2eFd6PENR_ysBcl1MWyADBZ_o7NnGdP2ZKElygrUEd7ekPoo11uslaXVOyXMRG5_KOSUitm5NY_6TfmPTc78QrhTnpYqxSAJArIVtj4zJooCScIvRgbODqFO5kX_wmrpA7WJEKnrmPPxw_A26uIM1kktSX_2sB0vshhqNpBo2Qwoc8tIFno53jlaDu5l380VCwgiQknJT9T99-MWS9c34qo1jfNloq-A5KNyXybd5w1I2KD84KXPyJMS7YgxlNksn2PHlxFqYszmNnD7iHFg97czokVJATBBiAdxS5klDT83mbM92OcXBZvqZ_o4i-wd7Kj6HW1A0l5rkAFyMz_zYHZUz1nklT7jNGtw5R_bBen_93xDO6NyENDBTP3wMEzdMTmB7YG-1bO77BLLPcuKdACLSptBzPC-wj2UGBGIw2tiBf0_1Sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbjbRaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoEsgJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrjF37r7NSYZsnJhbt57B0PE7kE2Rcns85DHVedE4pbIIu_OhZX5TfQAmABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11iSGEiHkuV2W4zLPslF2jPHNf-w%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 11 Nov 2023 08:08:09 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 77E2 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=3smDijmL6mWA-AVkm3KuWvHIGhGNRP4k8ERbdnSQVVAizzoh_xOCzWMQghihIAYYr3y3Z1WPCz1RBTQD7PD7zwrPHA4_im0O9BOwmOWr96oJz_E8qekGBc3MwHyL30oGu4GS08dkoPwRal-XPu1b8RjAGVLYvnhBP-m8RmKw3bOE79AZ3faV3-NrtH99p5HZtWQqAa808mAxDOkeQ_b1NkvqDM4KebtdjwuRw-_GdkKBQ7_pgZj8hQcXyGMLtXZZVRVcwIId1KGg1yQHDnW_X8jrN2hvhCgIV6P8U6n2nqDjO5tkqHanoLNU0ShC3f4BLYQ8WNSu-exOZw1Plq26cPbum0P1aEFZmRKGiXTik4Tq9NH9g89skTde6lF8BRPVCYIyUqj4DbTd2hKuFwPh5lCqyoRb9xC8U6AXYwFT-E0ahajN
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw&u=%7CblmW%2B78xYvO24PU1HIGV1U7CxfbgFPl3LU%2F4HOoIbxE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ6rMIWIpO3VPTJB-7wGvYWpdkgDChUYiXiEFK6UyuzkIpIwcpt8LJlclC9iAi5V4hYqRLeTnPUkgCaxtd-mTlzNhcQsnelFo2u3pgtc7DDEfDra2eFd6PENR_ysBcl1MWyADBZ_o7NnGdP2ZKElygrUEd7ekPoo11uslaXVOyXMRG5_KOSUitm5NY_6TfmPTc78QrhTnpYqxSAJArIVtj4zJooCScIvRgbODqFO5kX_wmrpA7WJEKnrmPPxw_A26uIM1kktSX_2sB0vshhqNpBo2Qwoc8tIFno53jlaDu5l380VCwgiQknJT9T99-MWS9c34qo1jfNloq-A5KNyXybd5w1I2KD84KXPyJMS7YgxlNksn2PHlxFqYszmNnD7iHFg97czokVJATBBiAdxS5klDT83mbM92OcXBZvqZ_o4i-wd7Kj6HW1A0l5rkAFyMz_zYHZUz1nklT7jNGtw5R_bBen_93xDO6NyENDBTP3wMEzdMTmB7YG-1bO77BLLPcuKdACLSptBzPC-wj2UGBGIw2tiBf0_1Sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbjbRaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoEsgJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrjF37r7NSYZsnJhbt57B0PE7kE2Rcns85DHVedE4pbIIu_OhZX5TfQAmABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11iSGEiHkuV2W4zLPslF2jPHNf-w%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1747366
expires
Mon, 26 Jul 1997 05:00:00 GMT
589fa18543d74401a7e1a7bbcfd58f8e_image_ad_300x250.jpeg
static.criteo.net/design/dt/99951/221025/ Frame 77E2 		249 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/99951/221025/589fa18543d74401a7e1a7bbcfd58f8e_image_ad_300x250.jpeg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw&u=%7CblmW%2B78xYvO24PU1HIGV1U7CxfbgFPl3LU%2F4HOoIbxE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ6rMIWIpO3VPTJB-7wGvYWpdkgDChUYiXiEFK6UyuzkIpIwcpt8LJlclC9iAi5V4hYqRLeTnPUkgCaxtd-mTlzNhcQsnelFo2u3pgtc7DDEfDra2eFd6PENR_ysBcl1MWyADBZ_o7NnGdP2ZKElygrUEd7ekPoo11uslaXVOyXMRG5_KOSUitm5NY_6TfmPTc78QrhTnpYqxSAJArIVtj4zJooCScIvRgbODqFO5kX_wmrpA7WJEKnrmPPxw_A26uIM1kktSX_2sB0vshhqNpBo2Qwoc8tIFno53jlaDu5l380VCwgiQknJT9T99-MWS9c34qo1jfNloq-A5KNyXybd5w1I2KD84KXPyJMS7YgxlNksn2PHlxFqYszmNnD7iHFg97czokVJATBBiAdxS5klDT83mbM92OcXBZvqZ_o4i-wd7Kj6HW1A0l5rkAFyMz_zYHZUz1nklT7jNGtw5R_bBen_93xDO6NyENDBTP3wMEzdMTmB7YG-1bO77BLLPcuKdACLSptBzPC-wj2UGBGIw2tiBf0_1Sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbjbRaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoEsgJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrjF37r7NSYZsnJhbt57B0PE7kE2Rcns85DHVedE4pbIIu_OhZX5TfQAmABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11iSGEiHkuV2W4zLPslF2jPHNf-w%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
59137467b97878a05285b5b6ccb9a0e0d0b3453b550ddbb712b220a53e26fb5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 25 Oct 2022 22:30:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6358637d-3e208"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
254472
expires
Sat, 11 Nov 2023 08:08:09 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9592 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:09 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9592 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:09 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9592 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 11 Nov 2023 08:08:09 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9592 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 11 Nov 2023 08:08:09 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 9592 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=wdTvUTmL6mWA-AVkm3KuWvHIGhEVI6AHcT1Oce9U84CkapnYRVa15vB4WbowUDf96pVVSybh8nCxxWQk4r3nK6lGDr-1Nx36Mu8IfxovKx0u_9RxlG4VJtwI8A7z1-8KF-uFAMl2bEQocTFdvoCofyrsuEI4WYSsEWvDXVOBSStguzUD-FGlB48QF8nwaynS9wtY6hRPQPlvZChhdlPYdQMBlJdV-U03vYf_uPRvIJAvWn7x7mg6aUem8Uhrsn8Qi6f9c_AFWv7PWmvhuI5LD_N7TDXarDWqvEJwABhCMUlXx2FXq1WfzgSq_ePhZ6CMTHp6wl_4N2SajQhHx7cdWkrTUT6golrEcCZcbFNLnxAZl50nKC0HA_sVbrFlmy-9lOoi9A6qtZYXFtTIx2tWgrkBQaRSG_yi0tifsXoVGxQKaxPZ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1694345
expires
Mon, 26 Jul 1997 05:00:00 GMT
589fa18543d74401a7e1a7bbcfd58f8e_image_ad_300x250.jpeg
static.criteo.net/design/dt/99951/221025/ Frame 9592 		249 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/99951/221025/589fa18543d74401a7e1a7bbcfd58f8e_image_ad_300x250.jpeg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
59137467b97878a05285b5b6ccb9a0e0d0b3453b550ddbb712b220a53e26fb5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 25 Oct 2022 22:30:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6358637d-3e208"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
254472
expires
Sat, 11 Nov 2023 08:08:09 GMT
all
csm.as.criteo.net/ Frame 77E2 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=uLOSZGfWJwwNOkB6YeLcoHubLkDWl-JjniTkwsE2k1IDVlWMrgJ-r7Q9M1anNwn4hkMw2FXTD9__CX0SMLtF094BSt_0n8CDQ42A_R8HAX3gxZ1QBJ719YNPQpcvWWe9kEcsKcQBY93wJ8BeIf_6fhyOfBKWLR4mq9CUagvolwctzWLS2wsJsN4_fno_o8N0Yr3zUnuSqfV0_KJtiCF74J6iNzNHna1ZJQjTFyUhvTIMr-XnhWi7V-jXPb-SDc5XWK15fV9bJJ3iBcQZ&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw&u=%7CblmW%2B78xYvO24PU1HIGV1U7CxfbgFPl3LU%2F4HOoIbxE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ6rMIWIpO3VPTJB-7wGvYWpdkgDChUYiXiEFK6UyuzkIpIwcpt8LJlclC9iAi5V4hYqRLeTnPUkgCaxtd-mTlzNhcQsnelFo2u3pgtc7DDEfDra2eFd6PENR_ysBcl1MWyADBZ_o7NnGdP2ZKElygrUEd7ekPoo11uslaXVOyXMRG5_KOSUitm5NY_6TfmPTc78QrhTnpYqxSAJArIVtj4zJooCScIvRgbODqFO5kX_wmrpA7WJEKnrmPPxw_A26uIM1kktSX_2sB0vshhqNpBo2Qwoc8tIFno53jlaDu5l380VCwgiQknJT9T99-MWS9c34qo1jfNloq-A5KNyXybd5w1I2KD84KXPyJMS7YgxlNksn2PHlxFqYszmNnD7iHFg97czokVJATBBiAdxS5klDT83mbM92OcXBZvqZ_o4i-wd7Kj6HW1A0l5rkAFyMz_zYHZUz1nklT7jNGtw5R_bBen_93xDO6NyENDBTP3wMEzdMTmB7YG-1bO77BLLPcuKdACLSptBzPC-wj2UGBGIw2tiBf0_1Sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbjbRaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoEsgJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrjF37r7NSYZsnJhbt57B0PE7kE2Rcns85DHVedE4pbIIu_OhZX5TfQAmABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11iSGEiHkuV2W4zLPslF2jPHNf-w%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 77E2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw&u=%7CblmW%2B78xYvO24PU1HIGV1U7CxfbgFPl3LU%2F4HOoIbxE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ6rMIWIpO3VPTJB-7wGvYWpdkgDChUYiXiEFK6UyuzkIpIwcpt8LJlclC9iAi5V4hYqRLeTnPUkgCaxtd-mTlzNhcQsnelFo2u3pgtc7DDEfDra2eFd6PENR_ysBcl1MWyADBZ_o7NnGdP2ZKElygrUEd7ekPoo11uslaXVOyXMRG5_KOSUitm5NY_6TfmPTc78QrhTnpYqxSAJArIVtj4zJooCScIvRgbODqFO5kX_wmrpA7WJEKnrmPPxw_A26uIM1kktSX_2sB0vshhqNpBo2Qwoc8tIFno53jlaDu5l380VCwgiQknJT9T99-MWS9c34qo1jfNloq-A5KNyXybd5w1I2KD84KXPyJMS7YgxlNksn2PHlxFqYszmNnD7iHFg97czokVJATBBiAdxS5klDT83mbM92OcXBZvqZ_o4i-wd7Kj6HW1A0l5rkAFyMz_zYHZUz1nklT7jNGtw5R_bBen_93xDO6NyENDBTP3wMEzdMTmB7YG-1bO77BLLPcuKdACLSptBzPC-wj2UGBGIw2tiBf0_1Sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbjbRaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoEsgJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrjF37r7NSYZsnJhbt57B0PE7kE2Rcns85DHVedE4pbIIu_OhZX5TfQAmABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11iSGEiHkuV2W4zLPslF2jPHNf-w%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 77E2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAAAgbsF2JSdAAY0UsD2bYVIX52lEbwRpw&u=%7CblmW%2B78xYvO24PU1HIGV1U7CxfbgFPl3LU%2F4HOoIbxE%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ6rMIWIpO3VPTJB-7wGvYWpdkgDChUYiXiEFK6UyuzkIpIwcpt8LJlclC9iAi5V4hYqRLeTnPUkgCaxtd-mTlzNhcQsnelFo2u3pgtc7DDEfDra2eFd6PENR_ysBcl1MWyADBZ_o7NnGdP2ZKElygrUEd7ekPoo11uslaXVOyXMRG5_KOSUitm5NY_6TfmPTc78QrhTnpYqxSAJArIVtj4zJooCScIvRgbODqFO5kX_wmrpA7WJEKnrmPPxw_A26uIM1kktSX_2sB0vshhqNpBo2Qwoc8tIFno53jlaDu5l380VCwgiQknJT9T99-MWS9c34qo1jfNloq-A5KNyXybd5w1I2KD84KXPyJMS7YgxlNksn2PHlxFqYszmNnD7iHFg97czokVJATBBiAdxS5klDT83mbM92OcXBZvqZ_o4i-wd7Kj6HW1A0l5rkAFyMz_zYHZUz1nklT7jNGtw5R_bBen_93xDO6NyENDBTP3wMEzdMTmB7YG-1bO77BLLPcuKdACLSptBzPC-wj2UGBGIw2tiBf0_1Sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbjbRaJp0Y7uDAp2p4t4P0uiY4AyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQLbGiioZ7emPqgDAaoEsgJP0ETw6bJtFrLIPvDBtK3MgT93TzDH6Vg8L4aNrkxu8O5Jb3-5AZSpDqFJ4cRFxAmIVMCP-NQIu8MutEQwnf2REjdPsc0UY4OHvw8_h2F6jDistv2zKSwy3tMPyvLZ1lNoYIhv7qILo7gbaoZXiQut8oo1CGrZlcd2MyM3JWrDMm_jXudzi4IjnF7SpTrPQWDQZU8nvDbvVOfNnEFaU3CAQecrQSf2YtNTH4JZUivgE5yTiyGXebFEEf-fiOWAgGqMTuHpusTn_Q9-e-_87tOF3DEZRGn7pidDajQAvHPDFv6QFOTLwyEkDPPhc8DVErQ7ifak_d6PR22-YZb5-xWpalZMUyIu-rSrjF37r7NSYZsnJhbt57B0PE7kE2Rcns85DHVedE4pbIIu_OhZX5TfQAmABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_11iSGEiHkuV2W4zLPslF2jPHNf-w%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:10 GMT
all
csm.as.criteo.net/ Frame 9592 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=c34pjmfWJwwNOkB6epXwuuGRiIkTEB-2Kro2DxrLOjTvcq-goa8GdYNjOAv8ZZjgF7pHtsAmuWv3xviMPFnGDl4jR21jFmtWwXAud0UtzdiK1X_eSIELNu5WnZ2S9TZuJOfNSaOABPStypvFIr27EDmTQz4XBKPv01M13HyhE3PJWuQM1C55Bv8H6CoWKcBown_ho7YEimjiZAhZBAY-fGMfMF64qNLapStxKvyLNaHFKjf5FG_OZRaia9h0NUPIDOZz--viPtmdxOq_&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Nov 2022 08:08:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9592 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9592 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:10 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8E7E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:09 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 8E7E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:09 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8E7E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 11 Nov 2023 08:08:09 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8E7E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 11 Nov 2023 08:08:09 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 8E7E 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=W_BPqjmL6mWA-AVkm3KuWvHIGhHwq15ouLHWsXWo4qkqAg92bsg83yTj3lI-fwmAi3lDTPJiGeE7qUa0Lqe4OGw30gS7-sbRJU6EEQk9pxuflzpUUh2cKQj4Kg7q_wWeHhgIQtjlMQwkxZOxBVxluCgUr7BFokchDMec5f4AGRlUGXmst2g4q6Jsw7U5ZsOyrfYBacZ7wASKzuENoDtVQvp0DueSoDrfT9cTUnNdBdMIx5o0hDihLlSXM8rArJtVh0qdrTqpTeVhDif42OnNAKIV3OzOfPcGs6gDA5aSVYBJj829CcF1tYp6YEjo0Aaef3hBTAgq4aij3MEy9OOOx9YR8lA8yRCbplX0wXhKwr-JAUFBeJu4eocIiOyrhQHFIBmMec5xu46Z-2xIMiVUA4mRbe2ZmusfGPkPpoqFNtmEc8oRL3lee5P2HsULjEuW-6ujMg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2962425
expires
Mon, 26 Jul 1997 05:00:00 GMT
589fa18543d74401a7e1a7bbcfd58f8e_image_ad_300x250.jpeg
static.criteo.net/design/dt/99951/221025/ Frame 8E7E 		249 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/99951/221025/589fa18543d74401a7e1a7bbcfd58f8e_image_ad_300x250.jpeg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
59137467b97878a05285b5b6ccb9a0e0d0b3453b550ddbb712b220a53e26fb5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 25 Oct 2022 22:30:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6358637d-3e208"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
254472
expires
Sat, 11 Nov 2023 08:08:09 GMT
all
csm.as.criteo.net/ Frame 8E7E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=SjBE9WfWJwwNOkB6FQRlUglBGVSGz2Ly4WMik9GaSVSyUBF2dv1Lcv74uz24uGIJfw3iswwtJ0HpXvTzlaSFok2Xctovnaxwu934zdaaisgHhpXIpwErcakxoPpIp9FhmRLyFix6i59-ZRbIu56whxR2PviFCWlqrYA1WtTknEmbVZPEmi4fo6ol5W9q6j4wvy7EGzxyoN4UIkNDCYUsr5sUcECy_S5UnQmC7122p0JRj1rgVsmGy737edbLL8imzc8-nQ&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Nov 2022 08:08:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8E7E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8E7E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:10 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DA9D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:10 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame DA9D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:10 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DA9D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 11 Nov 2023 08:08:10 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DA9D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 11 Nov 2023 08:08:10 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame DA9D 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=vyE1VACpRbeiqdUhLpbMzaRfvMCdG5nFM9bgC-qbRgESg_4ObKd7vVnWviMtSsW0DwUpu5990vHJxhRKUrIQwzv8T3B8CZT1mIYW4JTtIUHdqR-XrZj2dXdGy7xoT7NYf7ws3Em4Wkt89XkdiSgToypJDTQhwPTEFhlQsXKogWj30qdp11tITBdYA1EfL548_1OFddRdA6iXFHLuYPjBID4USvCnqWnjN2O6yYuukbtWSjbmHukyIh_wjkHdP6VMseGnOGcbW5JvOBdLWJYHsqchQzEPdWJSuHnJFEFTQyTGdS4RQ81Qs6pMv6377qyp5g7p8z3i47HnomPk-odpEn-wlJsut-hAnDNJFRERbpgNyMNoX34nsW_PY_-mdOq0FJjCU6bLUnQe1vkGDApBRfx7y5qQLtFMt0MC1BPNuMG5Yydxi1pVMuS76XHtPF75eHMfxQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2872995
expires
Mon, 26 Jul 1997 05:00:00 GMT
6e98b2cfec6c4c9dbc2e5a5d5913cb7d_image_ad_120x600.jpeg
static.criteo.net/design/dt/99951/221025/ Frame DA9D 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/99951/221025/6e98b2cfec6c4c9dbc2e5a5d5913cb7d_image_ad_120x600.jpeg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
d9cf1bdc04ec9e82f94d73bc3841aa4dbd39309e1f7f647b7b01108eaad00c24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 25 Oct 2022 22:30:20 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6358637c-3cfdf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
249823
expires
Sat, 11 Nov 2023 08:08:10 GMT
all
csm.as.criteo.net/ Frame DA9D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=Z3mAUWfWJwwNOkB6qKkvfqopOHvTVcRvFQ4Tl2uoWXPu4IC8g8BnJqea2mnuyZ-36obVA80zscUrnkwt2C8dKFbcDOpTu-NilldDGr2rsZDZfTOL4e3uGFhUYfo2TVpkLiQalaFhrV0c6S2yV_ODcKzYpGmxPsvZVPbCiL4Gja7I4MpSfZCUcfDMwSgKa0jTDFjBNrOVNnKcE0cEYCNlinKklyLR4WZPF8tye4e_V8UfYAa0JUnvLitMIr_qhvSG7b_kTxJdJK7skR4L&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Nov 2022 08:08:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DA9D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DA9D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Nov 2023 08:08:10 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C6DD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUDuzyjlxjBbvHReRfTjUuq2oSRLXVuIHPWiNhU5RDBJH3zW0li0IFn_yqJMPpRb1VMkWhnTQdasZ3edd4MN7GgKBv5PAtHVldg4aItPNgu-TbEQocL0ksgEBQTnwpZz_Znktsi1Ou-r7aGIR3V1cNXtVDcf_cbg&sai=AMfl-YQsO_173jHa68h683T60gx7okYRTm9nQsrSNboxCbG5wEFWZIwVFN4928z1h-RlVx2D28xtkkiwSq9mtN4FbySnZJYKyLcfZdZK4hAQQTqaYamx1Egh0rLxJ2ZQEQ&sig=Cg0ArKJSzLRZUw71hn8KEAE&cid=CAQSOwDq26N9e7kwnrDjKao8ReaTr7qS-UbSxWSzp_sF-8DIHUkqmbbM_BEgaNp8cYnCPXMcvpr4X24f69p_GAEgEw&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&tfs=755&tls=1761&g=100&h=100&tt=1761&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 9592 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=c34pjmfWJwwNOkB6epXwuuGRiIkTEB-2Kro2DxrLOjTvcq-goa8GdYNjOAv8ZZjgF7pHtsAmuWv3xviMPFnGDl4jR21jFmtWwXAud0UtzdiK1X_eSIELNu5WnZ2S9TZuJOfNSaOABPStypvFIr27EDmTQz4XBKPv01M13HyhE3PJWuQM1C55Bv8H6CoWKcBown_ho7YEimjiZAhZBAY-fGMfMF64qNLapStxKvyLNaHFKjf5FG_OZRaia9h0NUPIDOZz--viPtmdxOq_&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaaAABzHQAtwXmAAiBqqtNWPCza_pntPmsng&u=%7CblmW%2B78xYvPawCxrpeal7UTb09aAfF9iI%2Fs1zCHTEag%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ_tIQWD71p_2W1r8IqVsJs-X3wyLFBDZ6KMSsjCGnrGc31W2HJq0Sdca2sN42hnwg8xDTJ_SxgyVB5G6ScC75IvqzQCH_Glt1yX0I5wRll4BHkvNu_9FcDbH1gclZOc8w5mqWkmXHEsOqpGG5S4nzkO4FPTXkAvzrKASyrP-ub5nPqDUPsVvFsYG1T8BY7swzp0ainFahwY2llACrbCchusi1Jr186aq36da4XH7vo1dFRR1UNgi-67vyJ1HPtEnNUUWkSa-UQe7XuwNzcBuapuSNy9pWa9jpCBMgUuwwnoyi8QRoDRtf7gqHm9oBVF21TVPcGZCwTMC7AOaBX7ZSTzijXkdfXz_BxY2xyTdTOu40cTfA45r8t4h0_-pBs6hF8d9YhYGjrzbkWB39Fg6dgu_5-UjpqyK9hjTGqTDH5hTFGgeIEnmbwotSax1mugqwxSC6_-_PIPm3VvS1TvRMc5BVZThem4WtnWljXprgAtplUMsbC4JHjnUsULBBZjbwjqBQ_V9DfGy9Z9hq2EE5ngsMsRm7Wptrg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJwgaJp0Y_SYB-aL3LUPqoOiwAGY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoErAJP0LEKsYusBraWHVbla6Ndk_UN9ds7QNOqKPxCW8-w7igLPXXW1ERoR09mN3I3I-1qPPo5AmMHAZIiqAZwOqZG6CGsMuPVd6uwYEnUZMxkkqaq7D6bmwPzX3wS7iYLrLnRSwkOsEglrD5oHRVgOBLjtk_UI4gnFcjTJmVRMQWAs3cBk8kQSSJY8LiWMB8NlixubnZL-HYnOrHMHBqOeCZ5yCRwnDvGTNQXgRAl6vH7hnAGzMkLYIPSkyEon7sQpYx4Y3ZHXMDVG-WacFeGZLPvPlRMP9dAE-L96jKdzjVHydfPy31u7J22qzQImLheTar9hjtSmuE04ZqalCTQUGdGf0BLt5oPT4DP_0UNumdjwKOksY5dryfVMMWjSx3HqsbnVJTD5F1GP_7kAF6ABvmh7dS30vndYqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0jUKfOYsExZtq831yQ7aQzggYRUg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Nov 2022 08:08:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 16 Nov 2022 08:08:10 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
234108
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		338 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
21e4d3688c0f8a04bf486c0f8784fe3f61b6a790f1a868a0ef2c4d62b60e6c16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1528927
expires
0
rid
match.adsrvr.org/track/ 		108 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f0b6324bb1feefa8f0b28804f8333511a5e869501ae7b4ef23ab434f1a2d6c54

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 16 Dec 2022 08:08:11 GMT
sync.html
public.servenobid.com/ Frame F73C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-9.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
56325
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 15 Nov 2022 16:29:27 GMT
etag
W/"02a59c9399d935f64b331e61178d2c9f"
last-modified
Mon, 14 Nov 2022 16:28:27 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
x-amz-cf-id
lyJFlt-5xsltpd28DkFTYGqglcn8c6AgGSqvVAM2hvodDCvKCYIERw==
x-amz-cf-pop
CDG52-P2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:9114884f-60db-4078-afb1-cde242f68696
x-amz-meta-codebuild-content-md5
3d437d58b8bd54e8a0e378e97cd0e39f
x-amz-meta-codebuild-content-sha256
85fe75fc3aebfc86893a7760fc0ac12e3ff269743874600311aae7eb8917fccd
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9869 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
12347
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 16 Nov 2022 08:08:11 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
30, 16626
X-Served-By
cache-lga13626-LGA, cache-mel11263-MEL
X-Timer
S1668586091.192262,VS0,VE0
sync
eb2.3lift.com/ Frame AD8C 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
235946cd53b32786a30d9e9374386897bf27827dfbbad252dac649e05d68e992

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1143
content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 08:08:10 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 9944 		533 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5883eb7fe40b1f46934ef7d8d954ae66d71278ff1d476c5cf85d2ef9d09a35fd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
326
content-type
text/html
date
Wed, 16 Nov 2022 08:08:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame E850 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1668586086626
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
9a021ddf0a5dc3c01fe8d8af486917580010c5121f17a3f9666269b13ba27eba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1372
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 2132 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Nov 2022 08:08:11 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame DF62 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
20707f9920bfce99c4dcc27ec009acd915ead8b82684371ad28f00f8d691b474
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 08:08:11 GMT
expires
Fri, 18 Nov 2022 08:08:11 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame A073 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
661
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76aebcbd6fb6eeaa-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 08:08:11 GMT
expires
Wed, 16 Nov 2022 12:08:11 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
all
csm.as.criteo.net/ Frame 8E7E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=SjBE9WfWJwwNOkB6FQRlUglBGVSGz2Ly4WMik9GaSVSyUBF2dv1Lcv74uz24uGIJfw3iswwtJ0HpXvTzlaSFok2Xctovnaxwu934zdaaisgHhpXIpwErcakxoPpIp9FhmRLyFix6i59-ZRbIu56whxR2PviFCWlqrYA1WtTknEmbVZPEmi4fo6ol5W9q6j4wvy7EGzxyoN4UIkNDCYUsr5sUcECy_S5UnQmC7122p0JRj1rgVsmGy737edbLL8imzc8-nQ&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gEAtwC6AAsSxfubE1LfGQ7f6y4rpg&u=%7CblmW%2B78xYvNkhjutpKRiURwKzKJC7DItMzuXhjAm6pQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHC6Wf8FnTZ7gOMNfHgBeUfxX0ozAy-WGZ2hC4uILZowBu82gW3RQjlaCA8zLvbqJSJI_JvLXwEi_Pv9EjEa0_9fV8l4HQQ4doblKx8F-gi16YXtAnpL6EARASuKUoPu3W5BmUbg-UthZyfjpVKB99pYNG72EcQ2q1EKpYWBoyPdk3j2k5DxwwMf9NdyyfwgvqoB_R7vCsuXQFZb_ckER_v7ASc4JpBMvYwg_LJBpyHOigNi2SrBheXsN_2_mgBlbB6wBBxocBqPXpLXJj4pRiEiLkYUEUlZd5wJLZg66nt5gfw5nHDDAo9VvZEHILtr2eF6iBx3Yn-T_LSfes6pMNiFFk0ekpXcDyp9hBtz_eVHLiLloOqfgGQ91XpiTd9qx_g--YiTgDAJI-JVRHTvGYNT61OdO3DOD7SlbG_BzPtqB8oU67HFVmPI6Um7HUpoQ82iLIkey7uM73z9lBU7a0EhvK3-om1WT0hYcj7v5qEaGCmViVj57vzEtHJ0nYcuRctZx3fndIxmocKY4j30AK4IyfYRaPKzDbahSEJxzOu6f9cNky_lAieTCb6s8DvAgGQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8DswZ5p0Y4H0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0HeA1i-9H03YZF83negqWVk5cOZMiYkudDb9xv1TV1X470RvDuRbFZb0vJKsIau0GqTX1CMo9gQO7l2p29YSGmEqOwVxcgbVB6ByeHzOvPgFU2Sz__7NQSTergn8II7OtnYT4aM3lRGD4E7KIQCOo0QT1IPbVSb27FDPFcUKdqZWKxldNcbz-pn4NEjqfV00oUZY8aA-sJfYadIR7L4zKC9-rjTagddcK4x014oONE62b3TeAYx_adMxty0LepJxJOlmUrVaI5hJEVPplDaTZM-NMD2wi6RxrfNpeZc35hZyHCtd6Jwk3yIHtzA4jVsSCg07syBNZMq7Own_iXNkVxtk8Ulc4iQ5jcLu1wJNJgTmeSZG6E8xdEqR8VpZIPTOBVmA__SCe3y4_otZ-r1JEeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2WYjISZ1C26wiStbOesW--5-IUNA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Nov 2022 08:08:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2064 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
90a951e4e6f51ca091aa6bc4caac831ad00b4a9d281998875b350115837b69e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12498
x-xss-protection
0
all
csm.as.criteo.net/ Frame DA9D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=Z3mAUWfWJwwNOkB6qKkvfqopOHvTVcRvFQ4Tl2uoWXPu4IC8g8BnJqea2mnuyZ-36obVA80zscUrnkwt2C8dKFbcDOpTu-NilldDGr2rsZDZfTOL4e3uGFhUYfo2TVpkLiQalaFhrV0c6S2yV_ODcKzYpGmxPsvZVPbCiL4Gja7I4MpSfZCUcfDMwSgKa0jTDFjBNrOVNnKcE0cEYCNlinKklyLR4WZPF8tye4e_V8UfYAa0JUnvLitMIr_qhvSG7b_kTxJdJK7skR4L&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3SaZwAO-gMAtwC6AAsSxaYFdrm8_yLTpTZ4sA&u=%7CblmW%2B78xYvNAZpfMoUi1BFqHroYVOEuwtsurV78kMoI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOItschJng31zHjxxn8QOSnCLs94eSnhCcxkqZtjNT8J_YrFxmMU_QqiIRqflQukMcO9O313gJ0njLAq173viBnuE4Mj4T0dE_k4mjCCWYvwxZjcklq86-BRkIuwrN11ZfSdKQn7RaXCMITkPk4UNZNRWTjq1R78I7Da2j2rQLgYSfpjez6aZWZvPuzqlgm6xZsxVI4qEBQPS3FJcGtNu4P8iwSvD2A_7Or644swb-us3Yg6MpA7DnYbD-5zqyx_S74zLnk3l13pF3QKgIEZnxDq19QTP4jLlE5dzvn-lmgivTQH0PtwfrAAdB4CHp1sJIvqlm0Z2-X6NAkFqbiIzy170ptkG-61husG7e7dS7H70eo4ilg1JigJ3jf_QmZ6NiYKvj6Et6tC5Towyn3R9HPV2eG46Q2ZPa4LYC9Rilovrs8dwuML5lu34SndOYn8Gckian0JBrsc5QG9iJzodDofOEVcwxZmmvSHfFHsDx8NwKP52LZnwHZcM7lNP9E7sA8weBCn-ifRQjPsaWs725xzxnf6qV4w4NbRiyEGIdtWufVUFlMbVwQKkhpaknQwCE0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwt6dZ5p0Y4P0O7qB3LUPxaWs8A-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLbGiioZ7emPuACAKgDAaoEsQJP0EESNkteSCRvuU18a-qFkAvEoeMAJ2LjBZE2uenJ-YckC4rX91kjLDrP1cYqoQljhZAeMlGaXoKV1BJVOmLv4xZyabv9ERZGrV3sVJkvWxYidtuT8c2Iwk1W9EX0iIj0wn8svMoW8TomkVaTv_3oIv9K40zyYo0loJ3A3AHPjNz0yNs1f91ixvpPYVWplARzog8slXtIj8Ih0lhNx3G8PkrEdPboCVJnF80y9SQNzQZ1U-yKm9SL-WhACp_wocGhRmfxSTGjbCSFbhrPvbLCWa095jSQVXXx2QBQnN6L95G7Ls77-uMdO_tY5GWjKTg0ikqeZituz4HNgsOXPyiuMSuFGWHsP6sNl42IJueilpTnBk1N76H6wVRWT8zpDkHxU4vBjgKmmxkgAjN1MCXnFeAEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3RUFt0DMfVnw_MjWinYwqxf_CptQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 16 Nov 2022 08:08:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 934B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
508576136d24e6571949b7e4c353ed7854dcad76560628cd5ce53975098104ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12436
x-xss-protection
0
xuid
eb2.3lift.com/ Frame AD8C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 16 Nov 2022 08:08:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame AD8C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODUwODYyNDQ0MzA4MDAxNjk2OTM4
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame AD8C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL-Bt44mOa1FGTptp8Nn0oc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL-Bt44mOa1FGTptp8Nn0oc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 16 Nov 2022 08:08:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL-Bt44mOa1FGTptp8Nn0oc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AD8C
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODUwODYyNDQ0MzA4MDAxNjk2OTM4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODUwODYyNDQ0MzA4MDAxNjk2OTM4
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODUwODYyNDQ0MzA4MDAxNjk2OTM4
date
Wed, 16 Nov 2022 08:08:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame AD8C
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=850862444308001696938&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=850862444308001696938&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cfc39a69-2e78-488f-9d27-119bd8c83ff0&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cfc39a69-2e78-488f-9d27-119bd8c83ff0&_noobservation=1&_expected_cookie=7766d5f...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cfc39a69-2e78-488f-9d27-119bd8c83ff0&_noobservation=1&_expected_cookie=7766d5f5557dedda9c7814cb041f3d56
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.99.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Wed, 16 Nov 2022 08:08:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76aebcc77b02a83d-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=cfc39a69-2e78-488f-9d27-119bd8c83ff0&_noobservation=1&_expected_cookie=7766d5f5557dedda9c7814cb041f3d56
date
Wed, 16 Nov 2022 08:08:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76aebcc5f978a83d-SYD
content-length
0
xuid
eb2.3lift.com/ Frame AD8C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=850862444308001696938&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1782628806885734110&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=652bab48-9cce-4cc9-a1c8-5d71394c1333&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=652bab48-9cce-4cc9-a1c8-5d71394c1333&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 16 Nov 2022 08:08:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=652bab48-9cce-4cc9-a1c8-5d71394c1333&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 16 Nov 2022 08:08:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame AD8C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/850862444308001696938?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-xEFAw1dE2oSyw.JELsn2N7wPkOUJBGbdfYVMGKPcWg--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xEFAw1dE2oSyw.JELsn2N7wPkOUJBGbdfYVMGKPcWg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 16 Nov 2022 08:08:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 16 Nov 2022 08:08:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xEFAw1dE2oSyw.JELsn2N7wPkOUJBGbdfYVMGKPcWg--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame AD8C
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=850862444308001696938
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=850862444308001696938&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=850862444308001696938&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NHXMH8P39WV47CHGRN0Y
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=850862444308001696938&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame AD8C 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=850862444308001696938&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:10 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 25970D63954E479787BBBCA0F7F2AF87 Ref B: SYD03EDGE0918 Ref C: 2022-11-16T08:08:11Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame AD8C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6748777306024888295&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6748777306024888295&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 16 Nov 2022 08:08:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:11 GMT
AN-X-Request-Uuid
41da8a53-d988-4135-8c3b-96ac0aba0d25
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6748777306024888295&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9944
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2809913597948024367&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2809913597948024367&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2809913597948024367&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 9944
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=a9bf5b01-24e7-7434-f509-f0c2c99ee1ce&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&ttd_puid=a9bf5b01-24e7-7434-f509-f0c2c99ee1ce&gdpr=0&gdpr_consent=
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&ttd_puid=a9bf5b01-24e7-7434-f509-f0c2c99ee1ce&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&ttd_puid=a9bf5b01-24e7-7434-f509-f0c2c99ee1ce&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 9944
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y3SaacCo5sIAAEp3HzsAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y3SaacCo5sIAAEp3HzsAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 16 Nov 2022 08:08:11 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":52,"gdpr":false,"ipv4":"116.90.74.197","key":"Y3SaacCo5sIAAEp3HzsAAAAA","privacy_sensitive":false,"uid":"Y3SaacCo5sIAAEp3HzsAAAAA","upstream_id":"m-ad180"}
X-SO-Key
Y3SaacCo5sIAAEp3HzsAAAAA
X-SO-Upstream-ID
m-ad180
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad180.dc4p.scaleout.jp
X-SO-UID
Y3SaacCo5sIAAEp3HzsAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
116.90.74.197
X-SO-Cluster-ID
52
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y3SaacCo5sIAAEp3HzsAAAAA
Cache-Control
private
X-SO-Ads-Time
4
X-SO-LB-Hostname
a-tgng40004.dc2p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 9944
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUjA00bx_gxcks8ADv76RCfT_88AAAGEf3s2Yg
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUjA00bx_gxcks8ADv76RCfT_88AAAGEf3s2Yg
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
via
1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AUjA00bx_gxcks8ADv76RCfT_88AAAGEf3s2Yg
cache-control
no-cache
content-length
0
x-amz-cf-id
MTv2TFptgELD5TKwvqkUkFI12y0kt3DE9em9fSQWd--y5rcuuqh4yA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9944 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODVkMDg4Y2ItZWQ5MC0yYTkwLWUwZTktYWE3YjAzN2MyZmFl
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9944
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJnTYJEpldFPxqcir41oiEs&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJnTYJEpldFPxqcir41oiEs&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJnTYJEpldFPxqcir41oiEs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2064 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 08:08:11 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2F98
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96e01b7b57816c274e0c47f5194dc6ec81291a15c11ffe624c439085ceaad3de

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76aebcc3e81aa7ef-SYD
content-encoding
br
content-type
text/html
date
Wed, 16 Nov 2022 08:08:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wg5IlDOOka0QHuX9qQn4e%2FixPPLCC9FpbrbMv2r5tdy5CD2%2B9da9FdpMBdsN4NXwu6xXq%2B10VpjlT64f%2BCXjQU7OAjBZFyt8GxgKH%2F2cXnIrjyjLDaBma7UiTMES68mBEBmeC%2F2tV%2FSx%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76aebcc15814dfa7-SYD
content-length
0
date
Wed, 16 Nov 2022 08:08:11 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2w4Vz9HCe0KKoBD8WNDmUezTmZJpSSDlTJheuqEq9HO8IdOWCQar5B8Ezvj2B7364sCJtvT%2FfPehanFNW8VNhj7CEHeXFrfYCScjWXTrggv67ZNDewx5%2BF9S7KEGsSOYQgu4uUxWrm5AGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 9869 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:11 GMT
AN-X-Request-Uuid
d0618885-f39a-487a-b918-6b21f5bb37dd
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 934B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 08:08:11 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F345 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssY13IjJ8jss6IMPgiMxIYfseGwjJTJv6LJ9TsuA8wMastg-IretkRQt3oQOuhIIoB9ZRvEPVeCwbVHzSmYkuymFyuT&sig=Cg0ArKJSzKg_-u3yoaXYEAE&cid=CAASFeRow-I4_j_BHmj7mGjjQ12_ruoHQA&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668586088584&rpt=1725&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 204B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5t51uMNa-gTugng-NczRPGujb9nIH3uDgicXmBlSu2bfZyCvGtNP6b6nh7e1sLMQgLiaUtPXiFfyrguccW-8udfEq&sig=Cg0ArKJSzLMriZa9QI0REAE&cid=CAASFeRo9Qd_mjfvX0MhzT1lJd5CN6dsPw&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2844491747&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668586088620&rpt=1663&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2ED3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrrNJVg1frlljo994qXDv40FV4wjY9yj3dn9J34xOdpSkb1Zvomlmkbf3J5emByGy8nAH3LYV_rP_9o06VgXkHyQNf&sig=Cg0ArKJSzKLZzYPBG_WtEAE&cid=CAASFeRoRNb2vIc7CgYdKba93v7RH8408Q&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668586088556&rpt=1975&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2132 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
89f2d25bf8e6781eeefcc2d75034007dd82c0cf52a8294ec7df4713fbea13362

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2022 23:46:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56257
Connection
keep-alive
Content-Length
10066
Expires
Wed, 16 Nov 2022 23:45:48 GMT
/
onetag-sys.com/match/ Frame E850
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 16 Nov 2022 08:08:11 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x24 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 08:08:10 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame E850 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame E850
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6748777306024888295
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6748777306024888295
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:11 GMT
AN-X-Request-Uuid
e79f5b93-4321-45bb-b1c1-113959234697
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6748777306024888295
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E850 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=4Q3y85IQEyickX8-nwWKFamey6f6C3B_d5P-bygmNjs
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame E850
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhH97NX0Bg_7I2-WK0UaoSu2RiaseuLc-zw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhH97NX0Bg_7I2-WK0UaoSu2RiaseuLc-zw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhH97NX0Bg_7I2-WK0UaoSu2RiaseuLc-zw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame E850 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
content-length
0
/
onetag-sys.com/match/ Frame E850
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCOy00psGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Wed, 16 Nov 2022 08:08:12 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame E850
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=5F5ALdvNJl9fsn1wttvRbLvgek8DIbMWg2MLdIWfmVg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=5F5ALdvNJl9fsn1wttvRbLvgek8DIbMWg2MLdIWfmVg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N5JBSTP42J8PT59AXPMF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=5F5ALdvNJl9fsn1wttvRbLvgek8DIbMWg2MLdIWfmVg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame E850 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
content-length
0
/
onetag-sys.com/match/ Frame E850
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDKk8FDKKHa7yBNkVk-xC68&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDKk8FDKKHa7yBNkVk-xC68&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDKk8FDKKHa7yBNkVk-xC68&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame E850 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame E850
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame E850 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668586086626
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
gum.criteo.com/ Frame DF62 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
358253
expires
60
usync.html
eus.rubiconproject.com/ Frame 8926
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Nov 2022 08:08:12 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 16 Nov 2022 08:08:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 46AB
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Drkt%26refUrl%3D%26vid%3D858609170831158769174437420...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3115876917443742000V10&type=rkt&refUrl=&vid=85860917083115876917443742000V10&ovsid=1977432090496657568
219 B
652 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3115876917443742000V10&type=rkt&refUrl=&vid=85860917083115876917443742000V10&ovsid=1977432090496657568
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Wed, 16 Nov 2022 08:08:13 GMT
expires
Wed, 16 Nov 2022 08:08:13 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Wed, 16 Nov 2022 08:08:12 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3115876917443742000V10&type=rkt&refUrl=&vid=85860917083115876917443742000V10&ovsid=1977432090496657568
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 54D9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dpba%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=68822
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 08:08:12 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 17 Nov 2022 03:15:14 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame DF62
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dapx%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=apx&refUrl=&vid=85860917083115876917443742000V10&ovsid=6748777306024888295
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=apx&refUrl=&vid=85860917083115876917443742000V10&ovsid=6748777306024888295
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 08:08:12 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 08:08:12 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:12 GMT
AN-X-Request-Uuid
30234250-0351-4663-8b72-4880e3324c7d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=apx&refUrl=&vid=85860917083115876917443742000V10&ovsid=6748777306024888295
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame DF62
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3115876917443742...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3115876917443742000V10&type=opx&refUrl=&vid=85860917083115876917443742000V10&ovsid=6193329e-8fe7-4ed4-9646-8eac7b717312
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3115876917443742000V10&type=opx&refUrl=&vid=85860917083115876917443742000V10&ovsid=6193329e-8fe7-4ed4-9646-8eac7b717312
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 08:08:12 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 08:08:12 GMT

Redirect headers

date
Wed, 16 Nov 2022 08:08:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3115876917443742000V10&type=opx&refUrl=&vid=85860917083115876917443742000V10&ovsid=6193329e-8fe7-4ed4-9646-8eac7b717312
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame DF62
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dmma%26refUrl%3D%26vid%3D858609170831158769174437...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=mma&refUrl=&vid=85860917083115876917443742000V10&ovsid=914f6374-9a69-4800-af7f-7b69775be572
45 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=mma&refUrl=&vid=85860917083115876917443742000V10&ovsid=914f6374-9a69-4800-af7f-7b69775be572
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 08:08:12 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 08:08:12 GMT

Redirect headers

Date
Wed, 16 Nov 2022 08:08:11 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x5 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=mma&refUrl=&vid=85860917083115876917443742000V10&ovsid=914f6374-9a69-4800-af7f-7b69775be572
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 08:08:10 GMT
RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
sync.targeting.unrulymedia.com/csync/ Frame DF62
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dr1%26refUrl%3D%26vid%3D85860917083115876917...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dr1%26refUrl%3D%26vid%3D85860917083115...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6302193893
  • https://sync.1rx.io/usersync/tradedesk/a305cbb0-ee0e-46fb-b1a3-d86687548c2e
  • https://sync.targeting.unrulymedia.com/csync/RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
0
0
cksync
cs.media.net/ Frame DF62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzExNTg3NjkxNzQ0Mzc0MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEt_yULbAZP9i7lK0yGemUc&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEt_yULbAZP9i7lK0yGemUc&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:12 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Wed, 16 Nov 2022 08:08:12 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEEt_yULbAZP9i7lK0yGemUc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DF62
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Ddxu%26refUrl%3D%26vid%3D85860917083115876917443...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Ddxu%26refUrl%3D%26vid%3D85860917083115876...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=dxu&refUrl=&vid=85860917083115876917443742000V10&ovsid=7pBKhEm51OVdsU5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=dxu&refUrl=&vid=85860917083115876917443742000V10&ovsid=7pBKhEm51OVdsU5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 08:08:13 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 08:08:13 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:11 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0f40721276a047f1b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3115876917443742000V10&type=dxu&refUrl=&vid=85860917083115876917443742000V10&ovsid=7pBKhEm51OVdsU5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame DF62 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:11 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
252392
expires
Wed, 16 Nov 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DF62
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=652bab48-9cce-4cc9-a1c8-5d71394c1333&google_hm=NjUyYmFiNDgtOWNjZS00Y2M5LWExYzgtNWQ3MTM5NGMxMzMz
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIGJeeGwUT3-qYLpLjq6tsQ&google_cver=1&ssp=medianet&bsw_param=652bab48-9cce-4cc9-a1c8-5d71394c1333
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=652bab48-9cce-4cc9-a1c8-5d71394c1333&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=652bab48-9cce-4cc9-a1c8-5d71394c1333&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 08:08:13 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 08:08:13 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=652bab48-9cce-4cc9-a1c8-5d71394c1333&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 16 Nov 2022 08:08:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame DF62
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dzem%26refUrl%3D%26vid%3D85860917083115876917443742...
  • https://stags.bluekai.com/site/23178?id=37ufWjzIITdMYdG91-gM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJTG52WMV3KPJEUSVDEJVMWIRZZGEWWO...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=37ufWjzIITdMYdG91-gM&refUrl=&type=zem&vid=85860917083115876917443742000V10&vsid=3115876917443742000V10
0
0
sync
rtb.mfadsrvr.com/ Frame DF62 		0
0
um
cs.emxdgt.com/ Frame DF62 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Demx%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.238.86 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame DF62
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:12 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Wed, 16 Nov 2022 08:08:12 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7AA0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
80969
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 09:38:42 GMT
expires
Wed, 15 Nov 2023 09:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C165 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
GSE /
Resource Hash
d997fe7132448a6852bb71a30154f20600919be2635ea5f75b9ccf2722c30e2a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FfjqcUYkco4L_Jo60vgXxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-FfjqcUYkco4L_Jo60vgXxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:11 GMT
expires
Wed, 16 Nov 2022 08:08:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C0A4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
80969
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 09:38:42 GMT
expires
Wed, 15 Nov 2023 09:38:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 45E1 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f104.1e100.net
Software
GSE /
Resource Hash
e9c17d5c68c3f5dcce8afebe510ae4c7de3ecfafaed4617eca4ee3b01d8666c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--nHKZ_5Bfv2JdT8PAkxc-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce--nHKZ_5Bfv2JdT8PAkxc-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:11 GMT
expires
Wed, 16 Nov 2022 08:08:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 45E1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3790493250117055&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame C165 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=4213802077170865&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 7AA0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 04:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Nov 2023 04:46:22 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame C0A4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 04:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Nov 2023 04:46:22 GMT
ecm3
s.amazon-adsystem.com/ Frame 2132
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V0ANedu8SimUwubjpPpCTQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V0ANedu8SimUwubjpPpCTQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V0ANedu8SimUwubjpPpCTQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3XZ8C78HEWSFFRNW72WY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V0ANedu8SimUwubjpPpCTQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2132
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKRDJPOEYtMjItTTlJVw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKRDJPOEYtMjItTTlJVw==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFKRDJPOEYtMjItTTlJVw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2132
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIOPLYFqPqNgfT68EDAfu7E&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIOPLYFqPqNgfT68EDAfu7E&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIOPLYFqPqNgfT68EDAfu7E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 2132
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame 2132
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJD2O8F-22-M9IW
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJD2O8F-22-M9IW
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: BE61DA7261664BCFA282CBE51F4F0E6A Ref B: SYD03EDGE1411 Ref C: 2022-11-16T08:08:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtkflcqqK0/yrYkFsSsw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAJD2O8F-22-M9IW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2132
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDYzZTk5MWJkNDdlMDhjODE1ZDAyYjZlZjFiZDlkNmNhMDg1MDA3ZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDYzZTk5MWJkNDdlMDhjODE1ZDAyYjZlZjFiZDlkNmNhMDg1MDA3ZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDYzZTk5MWJkNDdlMDhjODE1ZDAyYjZlZjFiZDlkNmNhMDg1MDA3ZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2132
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1ew6hE_bNeIEyQdw2tm6_cn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5435956436937066325
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5435956436937066325
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 16 Nov 2022 08:08:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5435956436937066325
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2132
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
0
0
13926
g2.gumgum.com/usync/ Frame B189 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.78.161 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-78-161.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
751502514b4e1c5430b219edd586c8834bb17bfb42a6d780e78deab6da68fbbb

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 16 Nov 2022 08:08:12 GMT
etag
W/"0a5c7b2c5856ae9648f4f94eb3bcffb00"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 34E0 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
8a95d8e5eef4f82f55f3b81fde9efcc42a824b2df26435ebffb9242796fa3576
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1395
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame B9C3 		743 B
993 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
8478418d94b0505befafa231e64faf85d57197802ed303c677bafa0046fbf988

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
743
content-type
text/html
date
Wed, 16 Nov 2022 08:08:12 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 33B8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
587699d319ba902488fbadcf1bcadf78c821fc5c1266a234af41be6469b4e7e1

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76aebcc40851a7ef-SYD
content-encoding
br
content-type
text/html
date
Wed, 16 Nov 2022 08:08:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAFHlUeHBsilChw2hRZCKizbrkwph78GT0OgN5Aa%2FNRse2XA7IIyR6Gez9Ugd1kn2lNjcUcdwGi%2FTU5vfXs2SFDXm5PnKLJsdUOMZ3zg7ARw9LEzcXWlitfVxuVhzQoouSJkUF9%2BrSZVHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame EFBB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Nov 2022 08:08:12 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 16 Nov 2022 08:08:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8C0A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=68822
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 08:08:12 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 17 Nov 2022 03:15:14 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 0020 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-40.sin2.r.cloudfront.net
Software
/
Resource Hash
edeec4bb88bbd406844580f1be7a835362552d4122b6a8141bd16fd78ca8d0c4

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Wed, 16 Nov 2022 08:08:12 GMT
via
1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
x-amz-cf-id
C2p7LauktLLxS8p_fXZadBWtgVewXtZxglIZ9Nm9bJz8AOTO0XyQkA==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame F73C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6748777306024888295
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6748777306024888295
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:12 GMT
AN-X-Request-Uuid
5fbd8d68-5354-4acf-949b-a394a96b9d78
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=6748777306024888295
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F73C
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FqOoCRZH3JG7ifdJRGaA2WiG
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FqOoCRZH3JG7ifdJRGaA2WiG
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FqOoCRZH3JG7ifdJRGaA2WiG
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame F73C
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FqOoCRZH3JG7ifdJRGaA2WiG
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FqOoCRZH3JG7ifdJRGaA2WiG
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Wed, 16 Nov 2022 08:08:13 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FqOoCRZH3JG7ifdJRGaA2WiG
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
sync.targeting.unrulymedia.com/csync/ Frame F73C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668586092543
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=593116797
  • https://sync.1rx.io/usersync/tradedesk/a305cbb0-ee0e-46fb-b1a3-d86687548c2e
  • https://sync.targeting.unrulymedia.com/csync/RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
0
0
sync
ads.servenobid.com/ Frame F73C
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=2018808912878082124
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=2018808912878082124
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=2018808912878082124
Date
Wed, 16 Nov 2022 08:08:12 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame F73C 		0
0
getuid
eb2.3lift.com/ Frame F73C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34449%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dfe1107db-7394-4f0e-ab1c-cfe84ec1bbba%26bidder%3Dtripleli...
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34449%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dfe1107db-7394-4f0e-ab1c-cfe84ec1bbba%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34449%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dfe1107db-7394-4f0e-ab1c-cfe84ec1bbba%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
date
Wed, 16 Nov 2022 08:08:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame F73C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
date
Wed, 16 Nov 2022 08:08:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
redirectuser
ssp.disqus.com/ Frame F73C 		0
0
sync
ads.servenobid.com/ Frame F73C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
date
Wed, 16 Nov 2022 08:08:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame 9869 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:12 GMT
AN-X-Request-Uuid
5bd648f3-f1a9-4c58-8f62-a33a76bc0b07
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2F98
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&expiration=1671178093&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&expiration=1671178093&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&expiration=1671178093&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 2F98
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3Saa33QhgtoJZ4KQlomnwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHZgZKNaEKEJBtc6VhSBpik&google_cver=1
0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 2F98
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENvYvX3LJafRrcmWAYSEZ9w&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENvYvX3LJafRrcmWAYSEZ9w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0y0zv%2B1tJlnImUz1cN1azE5bNEgyBO8xRxF1lWBQo6ct7PMGqnz605B07fb%2F%2BArPBjqHgs%2FALjJN%2BreyUSMfyBGtPLMX49MdjvzHePnnNy6Q%2BQsK9PuCp9HlUFeh1aWNKVH%2BV18yJhy0qA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76aebcc77d4ea7ef-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENvYvX3LJafRrcmWAYSEZ9w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2F98
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QDG26GCWY2JFDTPD854X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
511T039WXK995MZ7QJDW
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2F98 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.232.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-232-172.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
indexexchange
sync.adotmob.com/cookie/ Frame 2F98 		0
0
demconf.jpg
dpm.demdex.net/ Frame 2F98
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3Saa33QhgtoJZ4KQlomnwAA%264729?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3Saa33QhgtoJZ4KQlomnwAA%264729
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3Saa33QhgtoJZ4KQlomnwAA%264729
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
54.200.135.41 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0deece84a.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
aZbWJ5XvRIY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-007d5d85f.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3sgp0xNAR80=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3Saa33QhgtoJZ4KQlomnwAA%264729
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum.casalemedia.com/ Frame 2F98
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6748777306024888295
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6748777306024888295
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GP7hvfAKcIrhzhr11jX%2FflbBIxqBX%2Fco5K7zLt3WR6J6SDa%2FpgRUYj5%2BOYM95LyDH2BnlAA6jYbzRjN%2BecjlwX7w5o%2BbOWdXakcp%2FVkXHTyAEQGULDsGIOZ1F%2F8Usn4g1vR%2BQVu4"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76aebcc9ebdbaaea-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:12 GMT
AN-X-Request-Uuid
453527c6-9d61-4d0f-aa60-2c531ae72676
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6748777306024888295
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2F98 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y3Saa33QhgtoJZ4KQlomnwAA%264729
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
33990
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76aebcc8ebc0fb8c-AKL
content-length
43
expires
Thu, 17 Nov 2022 08:08:12 GMT
crum
dsum-sec.casalemedia.com/ Frame 33B8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6748777306024888295
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6748777306024888295
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:12 GMT
AN-X-Request-Uuid
ff8ce2f2-4d62-440d-9128-3658cd6782e1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6748777306024888295
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 33B8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2809913597948024367
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2809913597948024367
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2809913597948024367
pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 33B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3SabAAAARgOjQA7
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3SabAAAARgOjQA7&_test=Y3SabAAAARgOjQA7
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3SabAAAARgOjQA7&_test=Y3SabAAAARgOjQA7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mel11229-MEL
pragma
no-cache
date
Wed, 16 Nov 2022 08:08:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668586093.179324,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3SabAAAARgOjQA7&_test=Y3SabAAAARgOjQA7
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 33B8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
54.254.232.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-232-172.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB
date
Wed, 16 Nov 2022 08:08:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 33B8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&expiration=1671178093&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&expiration=1671178093&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&expiration=1671178093&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 33B8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3Saa33QhgtoJZ4KQlomnwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHZgZKNaEKEJBtc6VhSBpik&google_cver=1
0
0
crum
dsum-sec.casalemedia.com/ Frame 33B8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=37ufWjzIITdMYdG91-gM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2MZXOVTFO...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=37ufWjzIITdMYdG91-gM
0
0
crum
dsum-sec.casalemedia.com/ Frame 33B8
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=12fk59hweldx
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=12fk59hweldx
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

lws
224
date
Wed, 16 Nov 2022 08:08:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-encoding
utf-8
time-ms
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=12fk59hweldx
cache-control
no-cache, no-store
content-length
0
sync
ads.servenobid.com/ Frame 33B8 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y3Saa33QhgtoJZ4KQlomnwAAEnkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 7AA0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mHcoYA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 8C0A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33418807&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
445cb6574f217336c5164f5c3b24b319c6c5d600b4a0c67af2537f4d2b2cdc43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 08:08:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 34E0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhH97OM5U1kQuYyWFYjCwDje21qRI-mieJQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhH97OM5U1kQuYyWFYjCwDje21qRI-mieJQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhH97OM5U1kQuYyWFYjCwDje21qRI-mieJQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 34E0 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame 34E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDKk8FDKKHa7yBNkVk-xC68&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDKk8FDKKHa7yBNkVk-xC68&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEDKk8FDKKHa7yBNkVk-xC68&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 34E0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 16 Nov 2022 08:08:12 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 08:08:11 GMT
/
onetag-sys.com/match/ Frame 34E0
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LAJD2O8F-22-M9IW&gdpr=0
0
0
/
onetag-sys.com/match/ Frame 34E0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6748777306024888295
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6748777306024888295
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:12 GMT
AN-X-Request-Uuid
1a65156a-4ff8-4b2b-a074-5848efb7f0f9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6748777306024888295
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 34E0 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=5F5ALdvNJl9fsn1wttvRbLvgek8DIbMWg2MLdIWfmVg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 34E0
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3999078817453058114
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=3999078817453058114
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=3999078817453058114
date
Wed, 16 Nov 2022 08:08:12 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 34E0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RkHofUhu6JrrBlqZN228b_WLYPJfzazxMOTfM2qWRS4
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RkHofUhu6JrrBlqZN228b_WLYPJfzazxMOTfM2qWRS4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Nov 2022 08:08:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RH26DH46607GKWBTPHQ2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=RkHofUhu6JrrBlqZN228b_WLYPJfzazxMOTfM2qWRS4
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
SPug
image4.pubmatic.com/AdServer/ Frame 34E0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6283F2D0-C982-4E1F-8433-BF8A6CE93024&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VyX3iGRE2uUIy9uW7V4x.ZDMvgUuVDU-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VyX3iGRE2uUIy9uW7V4x.ZDMvgUuVDU-~A&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VyX3iGRE2uUIy9uW7V4x.ZDMvgUuVDU-~A&gdpr=0&gdpr_consent=
date
Wed, 16 Nov 2022 08:08:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 34E0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
date
Wed, 16 Nov 2022 08:08:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 34E0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
odr.mookie1.com/t/v2/ Frame 34E0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=652bab48-9cce-4cc9-a1c8-5d71394c1333&ssp=onetag&gdpr=0&gdpr_consent=
0
0
sync
ads.servenobid.com/ Frame 34E0 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=5F5ALdvNJl9fsn1wttvRbLvgek8DIbMWg2MLdIWfmVg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
generate_204
tpc.googlesyndication.com/ Frame C0A4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7WCGpQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
match
c1.adform.net/serving/cookie/ Frame 7531 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6283F2D0-C982-4E1F-8433-BF8A6CE93024&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 16 Nov 2022 08:08:12 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame AB3D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
42 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 08:08:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 16 Nov 2022 08:08:12 GMT
Expires
Wed, 16 Nov 2022 08:08:11 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4629 97bee97 master hkg-pixel-x23 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
sync
x.bidswitch.net/ Frame 4E9C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3SabAAIfH-SGwAO&gdpr=0&gdpr_consent=&_test=Y3SabAAIfH-SGwAO
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 6245
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xu2f6jv3qwz
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame E7B0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rQxK66JeS-m2BkTmqlpQ7KMGSuy2W0S5-ln__IdE
42 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rQxK66JeS-m2BkTmqlpQ7KMGSuy2W0S5-ln__IdE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 08:08:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 16 Nov 2022 08:08:12 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rQxK66JeS-m2BkTmqlpQ7KMGSuy2W0S5-ln__IdE
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 83CD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6748777306024888295&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6748777306024888295&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 08:08:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
42c3a0cf-9890-4c26-b5b3-4ab17f4c06bf
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Nov 2022 08:08:12 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6748777306024888295&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
sync
ads.servenobid.com/ Frame 95AF 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=6283F2D0-C982-4E1F-8433-BF8A6CE93024
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Wed, 16 Nov 2022 08:08:12 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8C0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YoPy0MmCTh-EM7-KbOkwJA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=68821
accept-ranges
bytes
content-length
5549
expires
Thu, 17 Nov 2022 03:15:14 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8C0A
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=6283F2D0-C982-4E1F-8433-BF8A6CE93024
  • https://pippio.com/api/sync?pid=5324&it=1&iv=99e8776a3ef33667a865de8342480748de4c7ce3cb178c435c68220b23808853791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5OWU4Nzc2YTNlZjMzNjY3YTg2NWRlODM0MjQ4MDc0OGRlNGM3Y2UzY2IxNzhjNDM1YzY4MjIwYjIzODA4ODUzNzkxNDI2YjU...
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 8C0A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=914f6374-9a69-4800-af7f-7b69775be572
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=914f6374-9a69-4800-af7f-7b69775be572
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 16 Nov 2022 08:08:12 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x5 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=914f6374-9a69-4800-af7f-7b69775be572
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 08:08:11 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8C0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjI4M0YyRDAtQzk4Mi00RTFGLTg0MzMtQkY4QTZDRTkzMDI0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 08:08:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8C0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMtAY0Ia_-RBw_-MTDgO2WQ&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMtAY0Ia_-RBw_-MTDgO2WQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 08:08:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMtAY0Ia_-RBw_-MTDgO2WQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8C0A
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8F8DDC3F656A478BB8086C577919FB8F
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8F8DDC3F656A478BB8086C577919FB8F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 08:08:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 16 Nov 2022 08:08:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8F8DDC3F656A478BB8086C577919FB8F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 15 Nov 2022 08:08:12 GMT
6283F2D0-C982-4E1F-8433-BF8A6CE93024
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8C0A 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6283F2D0-C982-4E1F-8433-BF8A6CE93024?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.232.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-232-172.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 8C0A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Nov 2022 08:08:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a305cbb0-ee0e-46fb-b1a3-d86687548c2e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
usync.js
eus.rubiconproject.com/ Frame EFBB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
89f2d25bf8e6781eeefcc2d75034007dd82c0cf52a8294ec7df4713fbea13362

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2022 23:46:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56256
Connection
keep-alive
Content-Length
10066
Expires
Wed, 16 Nov 2022 23:45:48 GMT
usync.js
eus.rubiconproject.com/ Frame 8926 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
89f2d25bf8e6781eeefcc2d75034007dd82c0cf52a8294ec7df4713fbea13362

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2022 23:46:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56256
Connection
keep-alive
Content-Length
10066
Expires
Wed, 16 Nov 2022 23:45:48 GMT
usersync
usersync.gumgum.com/ Frame B189
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6748777306024888295
0
0
usersync
usersync.gumgum.com/ Frame B189
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_ce0d04e8-0948-49c8-8420-406e295700c3&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=OLrMvzfozb0jsMKyP-zWuDawzLgj7cLtb-_FvIOQ
  • https://usersync.gumgum.com/usersync?b=bsw&i=652bab48-9cce-4cc9-a1c8-5d71394c1333
0
0
sync
sync.srv.stackadapt.com/ Frame B189 		0
0
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame B189
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_ce0d04e8-0948-49c8-8420-406e295700c3&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=37ufWjzIITdMYdG91-gM&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MZXOVTFO2T2JFEVIZCNLFSEOOJRFVTU2...
0
0
RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
sync.targeting.unrulymedia.com/csync/ Frame B189
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3713545615
  • https://sync.1rx.io/usersync/tradedesk/a305cbb0-ee0e-46fb-b1a3-d86687548c2e
  • https://sync.targeting.unrulymedia.com/csync/RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
0
0
usersync
usersync.gumgum.com/ Frame B189
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=88g70psShSQ2&ev=1&pid=558355
0
0
redirectObuid
sync.outbrain.com/ Frame B189 		0
0
usersync
usersync.gumgum.com/ Frame B189
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=5e82ff71-0cf2-4c62-9272-e02f01cee088
0
0
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame B189 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame B189 		0
0
services
sync.technoratimedia.com/ Frame B189 		0
0
142
match.deepintent.com/usersync/ Frame B189 		0
0
server_match
ad.360yield.com/ Frame B189 		0
0
sync
ssbsync.smartadserver.com/api/ Frame B189 		0
0
sync
ads.servenobid.com/ Frame B189 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F6AF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=68822
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 08:08:12 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 17 Nov 2022 03:15:14 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame F619
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 16 Nov 2022 08:08:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Wed, 16 Nov 2022 08:08:12 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=a305cbb0-ee0e-46fb-b1a3-d86687548c2e
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 69B2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
0
0
usersync
usersync.gumgum.com/ Frame 43E2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y3SabQAAAYTuAgAr
  • https://usersync.gumgum.com/usersync?b=atm&i=Y3SabQAAAYTuAgAr&gdpr=0&gdpr_consent=&_test=Y3SabQAAAYTuAgAr
0
0
pixel
cm.g.doubleclick.net/ Frame 31A7 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9jZTBkMDRlOC0wOTQ4LTQ5YzgtODQyMC00MDZlMjk1NzAwYzM=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 08:08:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame F62B 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.238.86 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 16 Nov 2022 08:08:13 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 43B4
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y3SaacCo5sIAAEp3HzsAAAAA
0
0
gumgum
cs.admanmedia.com/sync/ Frame CCB8 		0
0
usersync
usersync.gumgum.com/ Frame A8D7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y3Saa33QhgtoJZ4KQlomnwAA%264729
0
0
cm-notify
creativecdn.com/ Frame AD37 		0
0
usync.html
eus.rubiconproject.com/ Frame 082F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Nov 2022 08:08:13 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 16 Nov 2022 08:08:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame B9C3 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7448250904070072569&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.45.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-45-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
9.gif
id5-sync.com/i/102/ Frame B9C3 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame B9C3
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=nlhkNJEKZTaFUmo5mQ5-M5BSZDOFD2pmyQ328MSp
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=nlhkNJEKZTaFUmo5mQ5-M5BSZDOFD2pmyQ328MSp
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 16 Nov 2022 08:08:13 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=nlhkNJEKZTaFUmo5mQ5-M5BSZDOFD2pmyQ328MSp
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
match.sharethrough.com/sync/ Frame B9C3
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=7448250904070072569&gdpr=0&gdpr_consent=
0
0
/
rtb-csync.smartadserver.com/redir/ Frame B9C3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 16 Nov 2022 08:08:13 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Wed, 16 Nov 2022 08:08:13 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 16 Nov 2022 08:08:12 GMT
cs
cs.minutemedia-prebid.com/ Frame 0020
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y3Saa33QhgtoJZ4KQlomnwAA%264729
0
0
cs
cs.minutemedia-prebid.com/ Frame 0020
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g7a9875c727791309c1b&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
0
us
sync.go.sonobi.com/ Frame 0020 		0
0
3e1ed898b08f9e935ca99407796b46c0.gif
cs.iqzone.com/ Frame 0020 		0
0
cs
cs.minutemedia-prebid.com/ Frame 0020
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=e9a6b5b594998abf15a34e037e0cbe0b
0
0
/
ssc-cms.33across.com/ps/ Frame 0020 		0
0
cs
cs.minutemedia-prebid.com/ Frame 0020
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A&gdpr=0&gdpr_consent=
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 0020
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6283F2D0-C982-4E1F-8433-BF8A6CE93024&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VyX3iGRE2uUIy9uW7V4x.ZDMvgUuVDU-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VyX3iGRE2uUIy9uW7V4x.ZDMvgUuVDU-~A&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VyX3iGRE2uUIy9uW7V4x.ZDMvgUuVDU-~A&gdpr=0&gdpr_consent=
date
Wed, 16 Nov 2022 08:08:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
syncb
sync.bfmio.com/ Frame 0020 		0
0
6185b9cf4d72f7e454746134b8c78716.gif
cs.krushmedia.com/ Frame 0020 		0
0
server_match
ad.360yield.com/ Frame 0020 		0
0
v1
match.sharethrough.com/universal/ Frame 0020 		0
0
redirectuser
ssp.disqus.com/ Frame 0020 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame 0020 		0
0
getuid
eb2.3lift.com/ Frame 0020 		0
0
getuid
secure.adnxs.com/ Frame 0020 		0
0
pixel
ap.lijit.com/ Frame 0020 		0
0
match
ads.betweendigital.com/ Frame 0020 		0
0
minute_media
cs.admanmedia.com/sync/ Frame 0020 		0
0
rtset
bh.contextweb.com/bh/ Frame 0020 		0
0
0
prebid.a-mo.net/cchain/ Frame 0020 		0
0
services
sync.technoratimedia.com/ Frame 0020 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 0020 		0
0
cm
u.openx.net/w/1.0/ Frame 0020 		0
0
sync
rtb.mfadsrvr.com/ Frame 0020 		0
0
sync
ads.servenobid.com/ Frame 0020 		0
0
/
onetag-sys.com/usync/ Frame ACC2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
3104b5613a9b29941340ecd954031a4d83569d83d7ffefa53a0cf7a8c68a3a11
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1315
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
19fc6daa3a926256
ads.us.e-planning.net/uspd/1/ Frame B583
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
0
0
usync.html
eus.rubiconproject.com/ Frame AC1D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Nov 2022 08:08:13 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 16 Nov 2022 08:08:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame EFBB 		0
0
cksync.php
contextual.media.net/ Frame 8926
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LAJD2O8F-22-M9IW
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAJD2O8F-22-M9IW
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAJD2O8F-22-M9IW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 16 Nov 2022 08:08:13 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 16 Nov 2022 08:08:13 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAJD2O8F-22-M9IW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=5158&cid=287406375.1668586088&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1668586088&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&dt=%E7%A7%81%E5%AF%86%E8%99%95%E5%88%86%E6%B3%8C%E7%89%A9%EF%BC%8C%20%E5%8E%9F%E4%BE%86%E9%80%99%E6%A8%A3%E6%98%AF%E7%95%B0%E5%B8%B8%E7%9A%84%EF%BC%8110%E7%A8%AE%E5%AF%A6%E7%94%A8%E4%BF%9D%E5%81%A5%E6%B3%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Nov 2022 08:08:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 082F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
89f2d25bf8e6781eeefcc2d75034007dd82c0cf52a8294ec7df4713fbea13362

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2022 23:46:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56255
Connection
keep-alive
Content-Length
10066
Expires
Wed, 16 Nov 2022 23:45:48 GMT
711916.gif
id.rlcdn.com/ Frame ACC2 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
ecm3
s.amazon-adsystem.com/ Frame ACC2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GkD5TnA7_i4jjRVwjRvo01z74FcHRctrNUCwlpCPpJs
0
0
sync
x.bidswitch.net/ Frame ACC2 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Nov 2022 08:08:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
onetag-sys.com/match/ Frame ACC2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=1&gdpr_consent=
0
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame ACC2 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame ACC2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6748777306024888295
0
0
tap.php
pixel.rubiconproject.com/ Frame ACC2 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=RkHofUhu6JrrBlqZN228b_WLYPJfzazxMOTfM2qWRS4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame ACC2 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame ACC2 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 08:08:13 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame ACC2 		0
0
cs
cs.minutemedia-prebid.com/ Frame ACC2 		0
0
usync.js
eus.rubiconproject.com/ Frame AC1D 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 082F 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=8&ovsid=37ufWjzIITdMYdG91-gM&refUrl=&type=zem&vid=85860917083115876917443742000V10&vsid=3115876917443742000V10
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3115876917443742000V10
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHZgZKNaEKEJBtc6VhSBpik&google_cver=1
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHZgZKNaEKEJBtc6VhSBpik&google_cver=1
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=37ufWjzIITdMYdG91-gM
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=2&uid=LAJD2O8F-22-M9IW&gdpr=0
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=652bab48-9cce-4cc9-a1c8-5d71394c1333&ssp=onetag&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5OWU4Nzc2YTNlZjMzNjY3YTg2NWRlODM0MjQ4MDc0OGRlNGM3Y2UzY2IxNzhjNDM1YzY4MjIwYjIzODA4ODUzNzkxNDI2YjU0MTdkY2UyMRAAGgwI7bTSmwYSBAgCEABCAEoA
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=6748777306024888295
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=bsw&i=652bab48-9cce-4cc9-a1c8-5d71394c1333
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MZXOVTFO2T2JFEVIZCNLFSEOOJRFVTU2JTVONPXA4TJOZQWG6J5GEWS2LI
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=pln&i=88g70psShSQ2&ev=1&pid=558355
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=opx&i=5e82ff71-0cf2-4c62-9272-e02f01cee088
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=a_ce0d04e8-0948-49c8-8420-406e295700c3
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mmh&i=914f6374-9a69-4800-af7f-7b69775be572&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=atm&i=Y3SabQAAAYTuAgAr&gdpr=0&gdpr_consent=&_test=Y3SabQAAAYTuAgAr
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sus&i=Y3SaacCo5sIAAEp3HzsAAAAA
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=iex&i=Y3Saa33QhgtoJZ4KQlomnwAA%264729
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
id5-sync.com
URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=7448250904070072569&gdpr=0&gdpr_consent=
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y3Saa33QhgtoJZ4KQlomnwAA%264729
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g7a9875c727791309c1b&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID]
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=e9a6b5b594998abf15a34e037e0cbe0b
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A&gdpr=0&gdpr_consent=
Domain
sync.bfmio.com
URL
https://sync.bfmio.com/syncb?pid=186
Domain
cs.krushmedia.com
URL
https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21483%26id%3D%5BUSER_ID%5D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=minutemedia
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=348&uid=OreyhHSaC_mm
Domain
ads.us.e-planning.net
URL
https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LAJD2O8F-22-M9IW
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GkD5TnA7_i4jjRVwjRvo01z74FcHRctrNUCwlpCPpJs
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=1&uid=914f6374-9a69-4800-af7f-7b69775be572&gdpr=1&gdpr_consent=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6748777306024888295
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21493&id=RkHofUhu6JrrBlqZN228b_WLYPJfzazxMOTfM2qWRS4
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LAJD2O8F-22-M9IW

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString function| setImmediate function| clearImmediate object| adRecover number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| $ undefined| jQuery function| jqAlias string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| criteo_syncframe_state object| _qevents object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions boolean| descriptionPage object| google_reactive_ads_global_state object| dataLayer function| gtag object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

128 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQo-Ps-8cwCgoIgQIQo-Ps-8cwCgoI4gEQo-Ps-8cwCgoI5gEQo-Ps-8cwCgoIhwIQo-Ps-8cwCgkICRCj4-z7xzAKCQg6EKPj7PvHMAoKCIwCEKPj7PvHMAoJCF8Qo-Ps-8cwCgkIHxCj4-z7xzA=
.aralego.com/ Name: sspid
Value: 0eab936f-e555-3ade-b0c8-6ca2d00c2fea
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 72191f34-ba3d-4fbf-bf39-24f891c35322
www.bg3.co/ Name: CFFPCKUUID
Value: 6902-gHTlrNNUXmF8MQPhl5xfwGyImbmw15qO
.www.bg3.co/ Name: CFFPCKUUIDMAIN
Value: 933-wRRS8LeNJ5cjrPnsjHeLX3cw9byQeVKz
.hinet.net/ Name: uuid
Value: 8fc5bb7b-95f9-4b29-b30e-a9efc2ad2d23
.adpushup.com/ Name: ap_uid
Value: cbc9d010-6585-11ed-bf86-000d3aa22032
.adpushup.com/ Name: ap_usid
Value: cbc9d011-6585-11ed-bf86-000d3aa22032
.bg3.co/ Name: __htid
Value: 8fc5bb7b-95f9-4b29-b30e-a9efc2ad2d23
.bg3.co/ Name: _ht_em
Value: 1
.bg3.co/ Name: _ht_50ef57
Value: 1
.holmesmind.com/ Name: Vision
Value: 20221116-23:59,20221116-19,20221116-19,20221116-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 578014-KaEjVviNlhQq1Ju5X9Px9Wwj9yDs6vvQ
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 7a136458-8d60-4bc3-afdf-382aadb9d233
.c.appier.net/ Name: _auid
Value: Y4mntHZmClyi1tVQZZp0Yw
.openx.net/ Name: i
Value: 7a136458-8d60-4bc3-afdf-382aadb9d233|1668586086
.rubiconproject.com/ Name: khaos
Value: LAJD2O8F-22-M9IW
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw5rTSmwY4AUABSAEQ5rTSmwYYAA..
.adnxs.com/ Name: uuid2
Value: 6748777306024888295
.quantserve.com/ Name: mc
Value: 63749a66-9991e-38973-d9faf
.bg3.co/ Name: __qca
Value: P0-1577351276-1668586085772
.teads.tv/ Name: tt_viewer
Value: c9016be3-4fe7-47a0-969b-e2ae1dabdf77
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1668586088.1.0.1668586088.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.287406375.1668586088
.bg3.co/ Name: __gads
Value: ID=6b8e00d638da195e:T=1668586087:S=ALNI_Ma3WuRNymhg_-bmk7gxcrRYipmI2Q
.bg3.co/ Name: __gpi
Value: UID=00000b7d102da719:T=1668586087:RT=1668586087:S=ALNI_MamodxDxAeEr-F8orFmSM6a1_B5kQ
.doubleclick.net/ Name: IDE
Value: AHWqTUkqCCHlFvcBJ7PvADA4y3aPchyRRc2Z3hAFOb4RKNugTvlBf95sqFkQjaLrXrE
.adsrvr.org/ Name: TDID
Value: a305cbb0-ee0e-46fb-b1a3-d86687548c2e
.ctnsnet.com/ Name: cid_6f0a47d4bb4a441f92e59e27c6a4ad0f
Value: 1
.ctnsnet.com/ Name: gid_CAESEMiKBRVNTCU3NGLQQO-LdvE
Value: 1
.dap.fw-ad.jp/ Name: user
Value: 06f86ed9-6de5-3925-be76-bc596f98cf15
.dap.fw-ad.jp/ Name: gcm_usec
Value: 1668586089528000
.yahoo.com/ Name: A3
Value: d=AQABBGmadGMCEOCpdVu9O6zXo5Jg9oV6QJsFEgEBAQHrdWN-YwAAAAAA_eMAAA&S=AQAAAhcyEsKpwTwDpor_Bo4G12M
.socdm.com/ Name: SOC
Value: Y3SaacCo5sIAAEp3HzsAAAAA
.ctnsnet.com/ Name: cid_373f74f7bd99420589fd23d31a915633
Value: 1
.ctnsnet.com/ Name: gid_CAESEOO-_qyifxbXd6clGJhhbHw
Value: 1
.mathtag.com/ Name: mt_mop
Value: 4:1668586089
.fout.jp/ Name: uid
Value: 3eWAFREcoNKBOkbQhtSndal7wI4
.send.microad.jp/ Name: TR
Value: 9cfd721f3a8599211fd5ad224f9d301727490fb57ece76ca
.simpli.fi/ Name: suid
Value: 8F8DDC3F656A478BB8086C577919FB8F
.bidswitch.net/ Name: tuuid
Value: 652bab48-9cce-4cc9-a1c8-5d71394c1333
.bidswitch.net/ Name: c
Value: 1668586089
.bidswitch.net/ Name: tuuid_lu
Value: 1668586089
.ad-m.asia/ Name: uid
Value: U2qARUrMGL
.mathtag.com/ Name: uuid
Value: 914f6374-9a69-4800-af7f-7b69775be572
.3lift.com/ Name: tluid
Value: 850862444308001696938
.uuidksinc.net/ Name: jcsuuid
Value: KtD6dfI1CGJIqfrRtrog
.c.appier.net/ Name: _gu
Value: CAESEBjBHu7F8mWNyXCRS6IJyn8
.adingo.jp/ Name: ID
Value: 55d43ac19e59705a2c42d7f0ba432ac8
.yahoo.co.jp/ Name: XA
Value: aeuepqdhn96ja&sd=B&t=1668586090&u=1668586090&v=1
.yahoo.co.jp/ Name: XB
Value: aeuepqdhn96ja&b=3&s=9o
.reemo-ad.jp/ Name: deviceIdentifier
Value: FHBZOSgPQmmiSxnlgfPcsjGIPJGfKlmp
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6283F2D0-C982-4E1F-8433-BF8A6CE93024
.uncn.jp/ Name: t
Value: v_df5be37b-e3c9-461a-8909-06f577bf3703
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A5900175048819371639
.zemanta.com/ Name: zuid
Value: 37ufWjzIITdMYdG91-gM
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22a305cbb0-ee0e-46fb-b1a3-d86687548c2e%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-16T08%3A08%3A11%22%7D
.openx.net/ Name: pd
Value: v2|1668586090|jElYiuvOiahI
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A5900175048819371639
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY4NTg2MDkxfQ
.inmobi.com/ Name: idsp_c
Value: c006ceca-2761-4dcd-9cce-ccb930ce2b25
.openx.net/ Name: univ_id
Value: 537072971|a305cbb0-ee0e-46fb-b1a3-d86687548c2e|1668586091319162
.media.net/ Name: visitor-id
Value: 3115876917443742000V10
.linkedin.com/ Name: li_sugr
Value: cfc39a69-2e78-488f-9d27-119bd8c83ff0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&5a87534c-f9b7-4870-860f-7c9477ff4e9d"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2543:u=1:x=1:i=1668586091:t=1668672491:v=2:sig=AQGTCNt_XZaOQugGHAn0K98VRuW0Nz38"
.casalemedia.com/ Name: CMID
Value: Y3Saa33QhgtoJZ4KQlomnwAA
.casalemedia.com/ Name: CMPS
Value: 4729
.casalemedia.com/ Name: CMPRO
Value: 4729
.turn.com/ Name: uid
Value: 2809913597948024367
.ladsp.com/ Name: cr
Value: 1
.bing.com/ Name: MUID
Value: 3A9B4C7ABD6F655B23EF5E24BCFF644D
.c.bing.com/ Name: MR
Value: 0
.adform.net/ Name: C
Value: 1
.bg3.co/ Name: cto_bundle
Value: gtTWj19CbXBHNmlJNXpQdCUyQkFoJTJGaCUyQmtmYTJGVGFEWWZtJTJGNUVQZHZleWtFR0pCSTklMkY1bWNvdyUyQmFFZERpQVlSakkzSTg1UFd1Q1B1QVBleTZQa3NSMnROV3lzSUxHRDd1VnBSMzBIZUx6b0ExWXh3ayUzRA
.bg3.co/ Name: cto_bidid
Value: arMbIV95ZTlGNFR2a0tOZDFQVXdxNm8ycnl5cWJHMGhKd3lCSFNmNjhnSVVkR2dxelZIdkt4SkZmTjJBbDM5SiUyRnlKbFEycFJoQVNKUnZBaWJkdmdmcTN3bDFBJTNEJTNE
.ladsp.com/ Name: smn_uid
Value: iozHBZ-LoTHqsXYH1fBSAA7--kQn0_8
.ladsp.com/ Name: lum
Value: COLs7PvHMBIFCAMQ0AU
.media.net/ Name: data-mm
Value: 914f6374-9a69-4800-af7f-7b69775be572~~8
.rlcdn.com/ Name: rlas3
Value: WQv9GmRPdWaOhTYacd+N+LxgWkUbIRdo4GAneMEOZzU=
.adform.net/ Name: uid
Value: 1782628806885734110
.prebid.a-mo.net/ Name: _sv3_11
Value: 1
.a-mo.net/ Name: amuid2
Value: fe1107db-7394-4f0e-ab1c-cfe84ec1bbba
.prebid.a-mo.net/ Name: sd_amuid2
Value: fe1107db-7394-4f0e-ab1c-cfe84ec1bbba
.onetag-sys.com/ Name: OTP
Value: RkHofUhu6JrrBlqZN228b_WLYPJfzazxMOTfM2qWRS4
.ads.pubmatic.com/ Name: KCCH
Value: YES
.media.net/ Name: data-o
Value: 6193329e-8fe7-4ed4-9646-8eac7b717312~~8
.media.net/ Name: data-a
Value: 6748777306024888295~~8
.adsymptotic.com/ Name: U
Value: 7766d5f5557dedda9c7814cb041f3d56
.w55c.net/ Name: wfivefivec
Value: 7pBKhEm51OVdsU5
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 162412:3
.pubmatic.com/ Name: DPSync3
Value: 1669161600%3A164%7C1668643200%3A174%7C1669766400%3A197_201
.pubmatic.com/ Name: SyncRTB3
Value: 1669766400%3A3_247_8_13_71_7_54_22_220_21
.media.net/ Name: data-g
Value: CAESEEt_yULbAZP9i7lK0yGemUc~~8
.servenobid.com/ Name: pid_337
Value: y-UhLGbSlE2uEe.yOMZal1lvE3xznioDcxAnyWtuU-~A
.gumgum.com/ Name: vst
Value: a_ce0d04e8-0948-49c8-8420-406e295700c3
.servenobid.com/ Name: pid_312
Value: 6748777306024888295
.smartadserver.com/ Name: pid
Value: 7448250904070072569
.w55c.net/ Name: matchmedianet
Value: 5
.casalemedia.com/ Name: CMTS
Value: 4689
.lijit.com/ Name: ljt_reader
Value: FqOoCRZH3JG7ifdJRGaA2WiG
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIqJvHv_fsozsQBRIWCgdydWJpY29uEgsIhpSs2ffsozsQBRIVCgZjYXNhbGUSCwjC38_c9-yjOxAFGAEgASgCMgsIwLrwjY7tozsQBTgBWgZndW1ndW1gAg..
.quantserve.com/ Name: d
Value: EKwBCwHLJ_ijAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~28bk:196n~28bk:175w~28bk:198o~28bk"
.media.net/ Name: data-ttd
Value: a305cbb0-ee0e-46fb-b1a3-d86687548c2e~~1
.minutemedia-prebid.com/ Name: wrvUserID
Value: OreyhHSaC_mm
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rlcdn.com/ Name: pxrc
Value: COy00psGEgUI6EcQAA==
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJ5+j2qMQsqpHXrd8oPN4aCz1y28sZufETUdIhPAgIwaytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.gammaplatform.com/ Name: _aCMR_1
Value: 5
.gammaplatform.com/ Name: _aGeoIp
Value: NZ|Auckland
.gammaplatform.com/ Name: _aUID
Value: 12fk59hweldx
.amazon-adsystem.com/ Name: ad-id
Value: A8AbLY5m_kj3s1EpEtkbujw
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZhamFmYGlkaWEAAKEMuokQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIwtLAwsLA0NLIwB9JGhkYmQnyGuoWFhc7mRgVV6YaVwQD6ehuEJQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIwtLAwsLA0NLIwB9JGhkYmQnyGuoWFhc7mRgVV6YaVwQD6ehuEJQAAAA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-13e3e65d-a3c1-4dae-9783-cc636626f4aa-004%22%2C%22zdxidn%22%3A%222057.4%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3115876917443742000V10%26type%3Dr1%26refUrl%3D%26vid%3D85860917083115876917443742000V10%26ovsid%3D%5BRX_UUID%5D%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3SabAAIfH-SGwAO

33 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/63c3d4f22dbc75c135eacf653472c7d1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/45b831a1c42cded29273418753f5ab06.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/5d9eb2e9bde601ec6c78552a61dfb279.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/9ac1baf7d01dd3adbb332582e7dab148.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/bee77bc2845391d5a3bc63943213379e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/9470e70b4b75c2a80dd4fa88b385f3aa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/089647b39a8806ee4807bfd16614266b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/5595ee6cece79904d433cfd510001a91.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/96f9b96b296ca08728af83df67f81cc2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/7a801ebd356622e389d3a8311f6ad4d8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/226be64d066084cadbdfc691ea70c073.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/0855ee8168b0de814f7b31b06063c244.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/744412612447135dd06e54f850a68371.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/7bc2cfeff8eadb0122ecd0b79361ac17.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/896b63edf8d35c2d9751432932f011a9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/417700b79aa68bf6fded8b9cee705c05.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/5de545face37de1cbcf0a2f0fdbf1067.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/794554744e87bda0ac7751f24222a83c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/1a91352d2d72896de7313e0e98cd79e5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/add2215e4a199d6e0176dcd88de1df5e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/de58794547bfc80fd6f813ef0b241736.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/b61c883cb5f0da9ee430e57e239b0268.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/3acdd6cf515f86d90527c3d114dd515a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.bg3.co/a/si-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html
Message:
Access to XMLHttpRequest at 'https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F' from origin 'https://www.bg3.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cdn.adpushup.com/42753/L2Evc2ktbWktY2h1LWZlbi1taS13dS15dWFuLWxhaS16aGUteWFuZy1zaGkteWktY2hhbmctZGUtMTBjaG9uZy1zaGkteW9uZy1iYW8tamlhbi1mYS5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668586087&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fsi-mi-chu-fen-mi-wu-yuan-lai-zhe-yang-shi-yi-chang-de-10chong-shi-yong-bao-jian-fa.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668586086809&bpp=18&bdt=1156&idt=769&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=6088305321440&frm=23&ife=1&pv=2&ga_vid=1144798396.1668586088&ga_sid=1668586088&ga_hid=1252755616&ga_fc=0&ga_cid=amp-8Twq7C3_VFemPe13nrkhFA&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3148&biw=1600&bih=1200&isw=336&ish=280&ifk=3934395809&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C21066428%2C31070762%2C44770880%2C31070950&oid=2&pvsid=4213802077170865&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kquqipdbfgw&btvi=1&fsb=1&dtd=789
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://fcm.holmesmind.com/cm.php
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEA-AhF_hY2G07vpK8thQJno&google_cver=1&google_push=ASkJ3FYGGw8sGXg3mtqJ0cgCiVRFnqpUaY_Rl52U0KKLuj6fZIj55R7pjblbFYnu6DMgAXpzqTph5B5kFJpQBoYXsGF-SRr9Q58dt9M6hcCZOMZEyAq3tWDXZ7h4s6OREYvp39LdIeecgLyWdKl0x1j8R-k
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://fcm.holmesmind.com/cm.php
Message:
Failed to load resource: the server responded with a status of 502 ()
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

40b6da1645e64147d6f7c35bda4143df.safeframe.googlesyndication.com
8ce7a64f443c6c43c603aba7d4dbbba3.safeframe.googlesyndication.com
8fc5bb7b-95f9-4b29-b30e-a9efc2ad2d23.t.ssp.hinet.net
92970b96c11ec10c9f747f8df2fc1dea.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.holmesmind.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.us.e-planning.net
adservice.google.co.nz
adservice.google.com
aid.send.microad.jp
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bi.adpushup.com
bidder.criteo.com
c.bing.com
c.holmesmind.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.holmesmind.com
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cksync.yahoo.co.jp
cm-supply-web.gammaplatform.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
csm.as.criteo.net
d-41239213303798795131.ampproject.net
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fcm.holmesmind.com
fp.holmesmind.com
g2.gumgum.com
gocm.c.appier.net
google.dap.fw-ad.jp
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mweb.ck.inmobi.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.scupio.com
public.servenobid.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s.uuidksinc.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.bfmio.com
sync.dsp.reemo-ad.jp
sync.fout.jp
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.ssp.hinet.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.betweendigital.com
ads.servenobid.com
ads.us.e-planning.net
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.admanmedia.com
cs.iqzone.com
cs.krushmedia.com
cs.minutemedia-prebid.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
hb-api.omnitagjs.com
id5-sync.com
image8.pubmatic.com
match.deepintent.com
match.sharethrough.com
odr.mookie1.com
onetag-sys.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
rtb.mfadsrvr.com
s.amazon-adsystem.com
secure.adnxs.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
sync.1rx.io
sync.adotmob.com
sync.bfmio.com
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
u.openx.net
ups.analytics.yahoo.com
usersync.gumgum.com
x.bidswitch.net
103.132.192.30
103.229.10.171
103.229.206.240
103.231.98.197
103.3.63.48
104.16.87.20
104.18.33.19
104.18.99.194
104.211.156.162
104.26.2.91
104.45.178.220
13.107.21.200
13.107.42.14
13.33.33.38
13.33.33.78
13.33.88.32
13.33.88.40
13.76.45.37
139.162.40.113
139.5.84.243
142.250.4.104
142.250.4.157
142.251.10.156
142.251.12.132
142.251.12.155
142.251.12.156
145.40.89.200
150.95.47.242
151.101.65.108
151.101.66.49
152.199.39.108
172.217.194.132
172.217.194.157
172.217.194.94
172.64.151.162
172.64.154.237
172.67.71.254
174.137.133.49
18.136.83.14
18.155.68.93
18.179.87.8
18.180.4.123
182.161.73.129
182.161.73.132
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
183.79.249.252
185.84.60.20
198.8.71.131
2.20.137.181
20.212.157.225
202.131.200.84
202.232.238.37
202.233.84.1
202.241.208.100
203.75.214.136
209.191.163.208
209.191.163.209
209.54.182.161
209.58.188.181
210.59.219.181
216.239.36.178
23.106.127.38
23.106.127.39
23.195.152.23
23.195.153.54
23.36.252.26
23.72.44.196
23.75.85.227
31.220.27.135
34.107.148.139
34.117.219.39
34.246.45.103
34.83.125.63
34.95.67.231
34.96.119.68
34.98.64.218
35.186.193.173
35.190.60.146
35.201.76.93
35.213.117.18
35.213.12.39
35.244.159.8
35.71.131.137
35.71.178.8
35.73.78.161
35.74.84.83
35.76.245.45
42.99.140.161
42.99.140.201
50.116.239.135
50.16.238.86
51.79.234.101
52.196.5.119
52.220.229.2
52.222.158.9
52.45.175.185
52.74.13.196
52.77.135.113
54.200.135.41
54.238.120.71
54.254.232.172
64.74.236.63
67.199.150.81
67.199.150.85
67.199.150.86
68.67.161.182
68.67.178.10
69.16.175.10
69.173.144.139
69.173.158.64
69.173.158.65
74.125.24.154
74.125.24.156
74.125.24.97
84.17.37.44
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
026bffe13ada672844309676b4fc96968f5c8e4f15d478ff064416b16069bf83
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
0622b24ae21b906c69f5d790740693e1cc4431f7208a8087625894401bb4a4f7
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e
14c993237d4dd4abe952f398aae78375e76629f22f6d51a910e194be4a373e6a
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
1db1bed3d7eeaa51da932edf9982644f94bc4be5d06180bd26da220689235a52
20707f9920bfce99c4dcc27ec009acd915ead8b82684371ad28f00f8d691b474
213d9ae144d1afc40c8f967b9489cffbd280abac0512d461f0f6c945a929fc06
21e4d3688c0f8a04bf486c0f8784fe3f61b6a790f1a868a0ef2c4d62b60e6c16
235946cd53b32786a30d9e9374386897bf27827dfbbad252dac649e05d68e992
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27b6a1a1b9fce1c609e64c20eae9ad7839a2209b110663d4d42368186fc309ad
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
294710229b135e49d64c6367e5f6e2f9a9b3987f9333cc89310e6574d5cd65ba
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
2f5d50507085a96531fbecdaf80f523275621542620c4a77381ddefb5bc36665
3104b5613a9b29941340ecd954031a4d83569d83d7ffefa53a0cf7a8c68a3a11
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c
3b1e123fa7a59f887749f1d077b789c560fd1ace3fe3233258acca0960177807
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e
445cb6574f217336c5164f5c3b24b319c6c5d600b4a0c67af2537f4d2b2cdc43
4613bb4f7d48662c9e73eab55b9472acf5297f231427a56b2e7d5f05c9ee7d2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b23cb4468f2421440ab2fcfd445092a9e38cb56682b953bc83012a1bdf5edab
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f04b5c83fea3f3eba3aa7ebb2e93bbb6bae3e3a357eb6390a7805e52799ee17
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
508576136d24e6571949b7e4c353ed7854dcad76560628cd5ce53975098104ee
51ea63533ada918dc8595d04b77e0249c4144a65f8c819061d8f76bc0bd07985
522a32b55b17792e9e619821a38211d6bfe506c81dd75baa6a5a12732efced71
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
587699d319ba902488fbadcf1bcadf78c821fc5c1266a234af41be6469b4e7e1
5883eb7fe40b1f46934ef7d8d954ae66d71278ff1d476c5cf85d2ef9d09a35fd
59137467b97878a05285b5b6ccb9a0e0d0b3453b550ddbb712b220a53e26fb5f
5983e4e959353ad972f456b3a23f9b43b1b03a5530530df67caab1c7e190826c
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
5b9d480de80672f10fcf85c4f718d224e6ef92ca908fcb2ab281c0e1af46e3f0
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6348da6b652de2baefe437f72327f5bf10ed982630d4c0d092e627485169555d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c55a2eeab76b7ba07ede1009a37794e6907b1fc0b94df2f67afc72388b1e59a
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
7190818ec354818df8397595b2280323490e5c9473f99d9ed64399781aae8461
725b46f7e731a74485fb7e18032afe30b4abd1b488558f5bff3195c02af351bf
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
751502514b4e1c5430b219edd586c8834bb17bfb42a6d780e78deab6da68fbbb
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
79277123809e51ee81022355e8135a77f5f173eb9d4b861121c6aba17f196975
80da68138a2df0a4cd29367b005878c808ae3db9a778551a1f679c26a563574d
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
8260f4549e1b95322f11e02dc3872950de2b71f3b12d716317f5f9e543a02f18
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839ae361d476afc38b42db367a9d014371e2eb9bd444cb089608b0de69cf1dbe
8478418d94b0505befafa231e64faf85d57197802ed303c677bafa0046fbf988
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
89aad8f50f137d35f2b7b49e6ad90f29a573e04337f0a61547e857a56cb2e17f
89f2d25bf8e6781eeefcc2d75034007dd82c0cf52a8294ec7df4713fbea13362
8a95d8e5eef4f82f55f3b81fde9efcc42a824b2df26435ebffb9242796fa3576
8c9227d7f994de902f7c5197a16ac999fb2a37a6906caf65b18c3efee8149a25
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
90a951e4e6f51ca091aa6bc4caac831ad00b4a9d281998875b350115837b69e5
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
92087e6760d4136f17162bffdd822b9194598567897c8f40c599335786c0b0a7
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
95bdea58ff69ee6eb1f597ed9fc0b1de4cb3eb78b77e6d75c8b448f293daf2db
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
96e01b7b57816c274e0c47f5194dc6ec81291a15c11ffe624c439085ceaad3de
98e0152a25b85e801108d94fdf52c914cd62d09629e3dfc1a1f19c8cf60ac109
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a021ddf0a5dc3c01fe8d8af486917580010c5121f17a3f9666269b13ba27eba
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa391585461254bcdad0d85f6525155612c9496b67503ab5e3ffd1eada1e3799
aa76dd015baf6525e2717fc75cac917cb6ff47e37419a721e382618e66818ac6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4f3cae6beb63f925d4fb738f7d884ac1f5279a0646eda338c9b105a2fa15c9b
bae1aa292dc7206226ef5b9cdb55d41a9fb35154e9217657f2c95f9afb4c342e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be946869936f642674f2073b89f18c15e1e1db3c37b48470fb87335e861bc920
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c18a525d02460dcbbf00a4f1c52440779150c20584e79e03c892a04189070c83
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c241581f081a69f1f23be04915a3271b27e7a64deda81dd6989aa048fd8a5145
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3eb4ba7978b0c89ef74df200f23f3fd1f4eddc5889a9976cdb9aebef14ec67e
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d997fe7132448a6852bb71a30154f20600919be2635ea5f75b9ccf2722c30e2a
d9cf1bdc04ec9e82f94d73bc3841aa4dbd39309e1f7f647b7b01108eaad00c24
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f
dcd6224108230aec446f13cd6b484c803211bf494084773556a30a91479bcbe4
ddf6ed74e0df01a68599b97d617e93cf022a7d4d89442661dedca0b2b3c7bcd8
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfba51e1a3dd938ef659716376199cdac72bebf340d80e7e5793a8a55b405a3d
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
e05fefda78071d16d99a6dc741beb79ddfb319a09cdf44de460961ac5d8844a0
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72258a869ee64d7996fee5404117c0e3de182080478d854c1239cce87d38851
e74f669bd829be45d45165e47dbd129e3bdbfce07c573ec94211d072c7bf5a1a
e9c17d5c68c3f5dcce8afebe510ae4c7de3ecfafaed4617eca4ee3b01d8666c0
eaa4c358dc4bc1f7d9e69bbe3a811dbb0173b33a1a03ed9bf4537f8d3225e61c
eab106d6ee70b0701ec324df38541deb3fffd7f5f07ec6c1e7e78a765cea6c9b
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
edeec4bb88bbd406844580f1be7a835362552d4122b6a8141bd16fd78ca8d0c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4b583c4b292fd9a15a1fce0af1a41c4216af6a6a64c056e6de0e8f39ef8c27
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
f033b14ac8b9383d2a41767657156498db3adc2d25258efc822cefb7eedc94df
f0b6324bb1feefa8f0b28804f8333511a5e869501ae7b4ef23ab434f1a2d6c54
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f8197cd7d02ab903d1eed22c6c828632425232993698b71d785d2bb0136c9a3c
f9dcdf4f0cf903fd3e6e52fe353a5e069983621048f82ce4b3f45b695651e33e
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fb7695ab4030c30f85825fe0c84e612c7c755db1ebb442f8316aad6efccbbf9b
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458
fe3c7ec526b387428a2493b4e8d799feaef879057164e9e5ab3055322f3dd7e3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e